Vulnerabilities > CVE-2020-7060 - Out-of-bounds Read vulnerability in multiple products

When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.

Vulnerable Configurations

Part	Description	Count
Application	Php PHP PHP 7.4.0 PHP PHP 7.4.1 PHP PHP 7.2.0 PHP PHP 7.2.1 PHP PHP 7.2.2 PHP PHP 7.2.3 PHP PHP 7.2.4 PHP PHP 7.2.5 PHP PHP 7.2.6 PHP PHP 7.2.7 PHP PHP 7.2.8 PHP PHP 7.2.9 PHP PHP 7.2.10 PHP PHP 7.2.11 PHP PHP 7.2.12 PHP PHP 7.2.13 PHP PHP 7.2.14 PHP PHP 7.2.15 PHP PHP 7.2.16 PHP PHP 7.2.17 PHP PHP 7.2.18 PHP PHP 7.2.19 PHP PHP 7.2.20 PHP PHP 7.2.21 PHP PHP 7.2.22 PHP PHP 7.2.23 PHP PHP 7.2.24 PHP PHP 7.2.25 PHP PHP 7.2.26 PHP PHP 7.3.0 PHP PHP 7.3.1 PHP PHP 7.3.2 PHP PHP 7.3.3 PHP PHP 7.3.4 PHP PHP 7.3.5 PHP PHP 7.3.6 PHP PHP 7.3.7 PHP PHP 7.3.8 PHP PHP 7.3.9 PHP PHP 7.3.10 PHP PHP 7.3.11 PHP PHP 7.3.12 PHP PHP 7.3.13 PHP PHP 7.3.14	120
Application	Tenable Tenable Tenable.Sc - Tenable Tenable.Sc 5.13.0 Tenable Tenable.Sc 5.14.0 Tenable Tenable.Sc 5.14.1 Tenable Tenable.Sc 5.16.0 Tenable Tenable.Sc 5.17.0 Tenable Tenable.Sc 5.18.0 Tenable Tenable.Sc 5.19.0	8
Application	Oracle Oracle Communications Diameter Signaling Router 8.0 Oracle Communications Diameter Signaling Router 8.0.0 Oracle Communications Diameter Signaling Router 8.0.0.0 Oracle Communications Diameter Signaling Router 8.1 Oracle Communications Diameter Signaling Router 8.2 Oracle Communications Diameter Signaling Router 8.2.1 Oracle Communications Diameter Signaling Router 8.2.2 Oracle Communications Diameter Signaling Router 8.3 Oracle Communications Diameter Signaling Router 8.3.0.0 Oracle Communications Diameter Signaling Router 8.4	10
OS	Opensuse Opensuse Leap 15.1	1
OS	Debian Debian Debian Linux 8.0	1

Common Weakness Enumeration (CWE)

CWE-125 - Out-of-bounds Read

Common Attack Pattern Enumeration and Classification (CAPEC)

Overread Buffers
An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.

Nessus

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-4279-1.NASL
description	It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2015-9253) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-7059) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2020-7060). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-18
modified	2020-02-18
plugin id	133764
published	2020-02-18
reporter	Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/133764
title	Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : php5, php7.0, php7.2, php7.3 vulnerabilities (USN-4279-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-4279-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(133764); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/20"); script_cve_id("CVE-2015-9253", "CVE-2020-7059", "CVE-2020-7060"); script_xref(name:"USN", value:"4279-1"); script_name(english:"Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : php5, php7.0, php7.2, php7.3 vulnerabilities (USN-4279-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2015-9253) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-7059) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2020-7060). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/4279-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-7060"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.3"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php5-fpm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-cgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-fpm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.2-cgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.2-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.2-fpm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.3-cgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.3-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.3-fpm"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:14.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:18.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:19.10"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/02/19"); script_set_attribute(attribute:"patch_publication_date", value:"2020/02/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/18"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(12\.04\|14\.04\|16\.04\|18\.04\|19\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04 / 14.04 / 16.04 / 18.04 / 19.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"16.04", pkgname:"libapache2-mod-php7.0", pkgver:"7.0.33-0ubuntu0.16.04.11")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"php7.0-cgi", pkgver:"7.0.33-0ubuntu0.16.04.11")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"php7.0-cli", pkgver:"7.0.33-0ubuntu0.16.04.11")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"php7.0-fpm", pkgver:"7.0.33-0ubuntu0.16.04.11")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"libapache2-mod-php7.2", pkgver:"7.2.24-0ubuntu0.18.04.3")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"php7.2-cgi", pkgver:"7.2.24-0ubuntu0.18.04.3")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"php7.2-cli", pkgver:"7.2.24-0ubuntu0.18.04.3")) flag++; if (ubuntu_check(osver:"18.04", pkgname:"php7.2-fpm", pkgver:"7.2.24-0ubuntu0.18.04.3")) flag++; if (ubuntu_check(osver:"19.10", pkgname:"libapache2-mod-php7.3", pkgver:"7.3.11-0ubuntu0.19.10.3")) flag++; if (ubuntu_check(osver:"19.10", pkgname:"php7.3-cgi", pkgver:"7.3.11-0ubuntu0.19.10.3")) flag++; if (ubuntu_check(osver:"19.10", pkgname:"php7.3-cli", pkgver:"7.3.11-0ubuntu0.19.10.3")) flag++; if (ubuntu_check(osver:"19.10", pkgname:"php7.3-fpm", pkgver:"7.3.11-0ubuntu0.19.10.3")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libapache2-mod-php5 / libapache2-mod-php7.0 / libapache2-mod-php7.2 / etc"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2020-0622-1.NASL
description	This update for php7 fixes the following issues : CVE-2020-7062: Fixed a NULL pointer dereference when using file upload functionality under specific circumstances (bsc#1165280). CVE-2020-7063: Fixed an issue where adding files change the permissions to default (bsc#1165289). CVE-2020-7059: Fixed an out of bounds read in php_strip_tags_ex which may have led to denial of service (bsc#1162629). CVE-2020-7060: Fixed a global buffer overflow in mbfl_filt_conv_big5_wchar which may have led to memory corruption (bsc#1162632). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-18
modified	2020-03-10
plugin id	134365
published	2020-03-10
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/134365
title	SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2020:0622-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2020:0622-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(134365); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2020-7059", "CVE-2020-7060", "CVE-2020-7062", "CVE-2020-7063"); script_name(english:"SUSE SLED15 / SLES15 Security Update : php7 (SUSE-SU-2020:0622-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for php7 fixes the following issues : CVE-2020-7062: Fixed a NULL pointer dereference when using file upload functionality under specific circumstances (bsc#1165280). CVE-2020-7063: Fixed an issue where adding files change the permissions to default (bsc#1165289). CVE-2020-7059: Fixed an out of bounds read in php_strip_tags_ex which may have led to denial of service (bsc#1162629). CVE-2020-7060: Fixed a global buffer overflow in mbfl_filt_conv_big5_wchar which may have led to memory corruption (bsc#1162632). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162629" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162632" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165280" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1165289" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-7059/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-7060/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-7062/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-7063/" ); # https://www.suse.com/support/update/announcement/2020/suse-su-20200622-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?2eb108d0" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Server for SAP 15:zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-622=1 SUSE Linux Enterprise Server 15-LTSS:zypper in -t patch SUSE-SLE-Product-SLES-15-2020-622=1 SUSE Linux Enterprise Module for Web Scripting 15-SP1:zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP1-2020-622=1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1:zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-622=1 SUSE Linux Enterprise High Performance Computing 15-LTSS:zypper in -t patch SUSE-SLE-Product-HPC-15-2020-622=1 SUSE Linux Enterprise High Performance Computing 15-ESPOS:zypper in -t patch SUSE-SLE-Product-HPC-15-2020-622=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php7-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-bcmath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-bcmath-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-bz2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-bz2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-calendar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-calendar-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ctype"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ctype-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-curl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-dba"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-dba-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-dom"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-dom-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-embed"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-embed-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-enchant"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-enchant-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-exif"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-exif-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fastcgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fastcgi-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fileinfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fileinfo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fpm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-fpm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ftp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ftp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gettext"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gettext-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-gmp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-iconv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-iconv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-intl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-intl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-json"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-json-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ldap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-ldap-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-mbstring"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-mbstring-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-mysql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-odbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-odbc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-opcache"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-opcache-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-openssl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-openssl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pcntl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pcntl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pdo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pdo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pgsql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-pgsql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-phar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-phar-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-posix"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-posix-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-readline"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-readline-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-shmop"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-shmop-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-snmp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-soap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-soap-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sockets"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sockets-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sodium"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sodium-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sqlite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sqlite-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvmsg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvmsg-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvsem"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvsem-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvshm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-sysvshm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-tidy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-tidy-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-tokenizer"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-tokenizer-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-wddx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-wddx-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlreader"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlreader-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlrpc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlrpc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlwriter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xmlwriter-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xsl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-xsl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-zip"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-zip-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-zlib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php7-zlib-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/10"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release !~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S\|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLED15\|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES15" && (! preg(pattern:"^(0\|1)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0/1", os_ver + " SP" + sp); if (os_ver == "SLED15" && (! preg(pattern:"^(1)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP1", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES15", sp:"1", reference:"apache2-mod_php7-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"apache2-mod_php7-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-bcmath-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-bcmath-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-bz2-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-bz2-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-calendar-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-calendar-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-ctype-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-ctype-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-curl-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-curl-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-dba-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-dba-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-debugsource-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-devel-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-dom-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-dom-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-enchant-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-enchant-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-exif-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-exif-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-fastcgi-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-fastcgi-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-fileinfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-fileinfo-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-fpm-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-fpm-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-ftp-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-ftp-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-gd-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-gd-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-gettext-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-gettext-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-gmp-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-gmp-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-iconv-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-iconv-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-intl-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-intl-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-json-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-json-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-ldap-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-ldap-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-mbstring-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-mbstring-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-mysql-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-mysql-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-odbc-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-odbc-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-opcache-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-opcache-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-openssl-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-openssl-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-pcntl-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-pcntl-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-pdo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-pdo-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-pgsql-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-pgsql-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-phar-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-phar-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-posix-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-posix-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-shmop-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-shmop-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-snmp-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-snmp-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-soap-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-soap-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sockets-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sockets-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sodium-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sodium-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sqlite-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sqlite-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sysvmsg-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sysvmsg-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sysvsem-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sysvsem-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sysvshm-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sysvshm-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-tokenizer-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-tokenizer-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-wddx-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-wddx-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xmlreader-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xmlreader-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xmlrpc-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xmlrpc-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xmlwriter-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xmlwriter-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xsl-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-xsl-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-zip-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-zip-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-zlib-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-zlib-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-debugsource-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-embed-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-embed-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-readline-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-readline-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sodium-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-sodium-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-tidy-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"1", reference:"php7-tidy-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"apache2-mod_php7-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"apache2-mod_php7-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-bcmath-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-bcmath-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-bz2-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-bz2-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-calendar-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-calendar-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-ctype-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-ctype-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-curl-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-curl-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-dba-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-dba-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-debugsource-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-devel-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-dom-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-dom-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-enchant-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-enchant-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-exif-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-exif-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-fastcgi-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-fastcgi-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-fileinfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-fileinfo-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-fpm-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-fpm-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-ftp-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-ftp-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-gd-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-gd-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-gettext-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-gettext-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-gmp-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-gmp-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-iconv-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-iconv-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-intl-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-intl-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-json-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-json-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-ldap-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-ldap-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-mbstring-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-mbstring-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-mysql-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-mysql-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-odbc-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-odbc-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-opcache-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-opcache-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-openssl-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-openssl-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-pcntl-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-pcntl-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-pdo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-pdo-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-pgsql-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-pgsql-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-phar-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-phar-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-posix-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-posix-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-shmop-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-shmop-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-snmp-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-snmp-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-soap-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-soap-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sockets-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sockets-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sodium-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sodium-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sqlite-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sqlite-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sysvmsg-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sysvmsg-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sysvsem-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sysvsem-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sysvshm-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-sysvshm-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-tokenizer-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-tokenizer-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-wddx-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-wddx-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xmlreader-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xmlreader-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xmlrpc-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xmlrpc-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xmlwriter-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xmlwriter-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xsl-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-xsl-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-zip-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-zip-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-zlib-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLES15", sp:"0", cpu:"s390x", reference:"php7-zlib-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"php7-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"php7-debugsource-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"php7-embed-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"php7-embed-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"php7-readline-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"php7-readline-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"php7-sodium-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"php7-sodium-debuginfo-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"php7-tidy-7.2.5-4.52.4")) flag++; if (rpm_check(release:"SLED15", sp:"1", reference:"php7-tidy-debuginfo-7.2.5-4.52.4")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php7"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2020-0522-1.NASL
description	This update for php5 fixes the following issues : Security issues fixed : CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail() (bsc#1146360). CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment() (bsc#1145095). CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999). CVE-2019-11045: Fixed an issue with the PHP DirectoryIterator class that accepts filenames with embedded \0 bytes (bsc#1159923). CVE-2019-11046: Fixed an out-of-bounds read in bc_shift_addsub (bsc#1159924). CVE-2019-11047: Fixed an information disclosure in exif_read_data (bsc#1159922). CVE-2019-11050: Fixed a buffer over-read in the EXIF extension (bsc#1159927). CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629). CVE-2020-7060: Fixed a global buffer-overflow in mbfl_filt_conv_big5_wchar (bsc#1162632). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-18
modified	2020-03-02
plugin id	134199
published	2020-03-02
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/134199
title	SUSE SLES12 Security Update : php5 (SUSE-SU-2020:0522-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2020:0522-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(134199); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/09"); script_cve_id("CVE-2019-11041", "CVE-2019-11042", "CVE-2019-11043", "CVE-2019-11045", "CVE-2019-11046", "CVE-2019-11047", "CVE-2019-11050", "CVE-2020-7059", "CVE-2020-7060"); script_name(english:"SUSE SLES12 Security Update : php5 (SUSE-SU-2020:0522-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for php5 fixes the following issues : Security issues fixed : CVE-2019-11041: Fixed heap buffer over-read in exif_scan_thumbnail() (bsc#1146360). CVE-2019-11042: Fixed heap buffer over-read in exif_process_user_comment() (bsc#1145095). CVE-2019-11043: Fixed possible remote code execution via env_path_info underflow in fpm_main.c (bsc#1154999). CVE-2019-11045: Fixed an issue with the PHP DirectoryIterator class that accepts filenames with embedded \0 bytes (bsc#1159923). CVE-2019-11046: Fixed an out-of-bounds read in bc_shift_addsub (bsc#1159924). CVE-2019-11047: Fixed an information disclosure in exif_read_data (bsc#1159922). CVE-2019-11050: Fixed a buffer over-read in the EXIF extension (bsc#1159927). CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629). CVE-2020-7060: Fixed a global buffer-overflow in mbfl_filt_conv_big5_wchar (bsc#1162632). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1145095" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1146360" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1154999" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159922" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159923" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159924" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1159927" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161982" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162629" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162632" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-11041/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-11042/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-11043/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-11045/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-11046/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-11047/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-11050/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-7059/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-7060/" ); # https://www.suse.com/support/update/announcement/2020/suse-su-20200522-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?7e9a53cf" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t patch SUSE-SLE-SDK-12-SP4-2020-522=1 SUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2020-522=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'PHP-FPM Underflow RCE'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php5-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bcmath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bcmath-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bz2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-bz2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-calendar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-calendar-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ctype"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ctype-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-curl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dba"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dba-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dom"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-dom-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-enchant"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-enchant-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-exif"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-exif-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fastcgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fastcgi-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fileinfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fileinfo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fpm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-fpm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ftp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ftp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gettext"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gettext-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-gmp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-iconv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-iconv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-imap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-imap-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-intl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-intl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-json"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-json-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ldap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-ldap-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mbstring"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mbstring-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mcrypt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mcrypt-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-mysql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-odbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-odbc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-opcache"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-opcache-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-openssl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-openssl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pcntl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pcntl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pdo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pdo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pgsql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pgsql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-phar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-phar-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-posix"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-posix-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pspell"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-pspell-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-shmop"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-shmop-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-snmp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-soap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-soap-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sockets"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sockets-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sqlite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sqlite-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-suhosin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-suhosin-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvmsg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvmsg-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvsem"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvsem-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvshm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-sysvshm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-tokenizer"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-tokenizer-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-wddx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-wddx-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlreader"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlreader-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlrpc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlrpc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlwriter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xmlwriter-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xsl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-xsl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zip"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zip-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zlib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php5-zlib-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/09"); script_set_attribute(attribute:"patch_publication_date", value:"2020/02/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/02"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release !~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S\|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php5-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php5-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bcmath-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bcmath-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bz2-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-bz2-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-calendar-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-calendar-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ctype-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ctype-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-curl-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-curl-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dba-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dba-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-debugsource-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dom-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-dom-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-enchant-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-enchant-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-exif-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-exif-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fastcgi-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fastcgi-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fileinfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fileinfo-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fpm-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-fpm-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ftp-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ftp-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gd-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gd-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gettext-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gettext-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gmp-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-gmp-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-iconv-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-iconv-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-imap-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-imap-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-intl-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-intl-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-json-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-json-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ldap-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-ldap-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mbstring-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mbstring-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mcrypt-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mcrypt-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mysql-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-mysql-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-odbc-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-odbc-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-opcache-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-opcache-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-openssl-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-openssl-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pcntl-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pcntl-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pdo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pdo-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pgsql-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pgsql-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-phar-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-phar-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-posix-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-posix-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pspell-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-pspell-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-shmop-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-shmop-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-snmp-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-snmp-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-soap-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-soap-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sockets-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sockets-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sqlite-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sqlite-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-suhosin-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-suhosin-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvmsg-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvmsg-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvsem-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvsem-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvshm-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-sysvshm-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-tokenizer-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-tokenizer-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-wddx-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-wddx-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlreader-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlreader-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlrpc-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlrpc-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlwriter-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xmlwriter-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xsl-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-xsl-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zip-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zip-debuginfo-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zlib-5.5.14-109.68.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php5-zlib-debuginfo-5.5.14-109.68.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php5"); }

NASL family	Amazon Linux Local Security Checks
NASL id	ALA_ALAS-2020-1347.NASL
description	When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash. (CVE-2020-7059) When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash. (CVE-2020-7060)
last seen	2020-03-17
modified	2020-02-28
plugin id	134120
published	2020-02-28
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/134120
title	Amazon Linux AMI : php73 (ALAS-2020-1347)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Amazon Linux AMI Security Advisory ALAS-2020-1347. # include("compat.inc"); if (description) { script_id(134120); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/06"); script_cve_id("CVE-2020-7059", "CVE-2020-7060"); script_xref(name:"ALAS", value:"2020-1347"); script_name(english:"Amazon Linux AMI : php73 (ALAS-2020-1347)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Amazon Linux AMI host is missing a security update." ); script_set_attribute( attribute:"description", value: "When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash. (CVE-2020-7059) When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash. (CVE-2020-7060)" ); script_set_attribute( attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2020-1347.html" ); script_set_attribute( attribute:"solution", value:"Run 'yum update php73' to update your system." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-bcmath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-dba"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-dbg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-embedded"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-enchant"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-fpm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-gmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-imap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-intl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-json"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-ldap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-mbstring"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-mysqlnd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-odbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-opcache"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pdo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pdo-dblib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pgsql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-process"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-pspell"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-recode"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-soap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-tidy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-xml"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php73-xmlrpc"); script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10"); script_set_attribute(attribute:"patch_publication_date", value:"2020/02/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/28"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Amazon Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/AmazonLinux/release"); if (isnull(release) \|\| !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux"); os_ver = pregmatch(pattern: "^AL(A\|\d)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux"); os_ver = os_ver[1]; if (os_ver != "A") { if (os_ver == 'A') os_ver = 'AMI'; audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver); } if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (rpm_check(release:"ALA", reference:"php73-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-bcmath-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-cli-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-common-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-dba-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-dbg-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-debuginfo-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-devel-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-embedded-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-enchant-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-fpm-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-gd-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-gmp-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-imap-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-intl-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-json-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-ldap-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-mbstring-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-mysqlnd-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-odbc-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-opcache-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-pdo-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-pdo-dblib-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-pgsql-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-process-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-pspell-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-recode-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-snmp-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-soap-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-tidy-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-xml-7.3.14-1.23.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php73-xmlrpc-7.3.14-1.23.amzn1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php73 / php73-bcmath / php73-cli / php73-common / php73-dba / etc"); }

NASL family	Amazon Linux Local Security Checks
NASL id	ALA_ALAS-2020-1346.NASL
description	When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash. (CVE-2020-7059) When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash. (CVE-2020-7060)
last seen	2020-03-17
modified	2020-02-28
plugin id	134119
published	2020-02-28
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/134119
title	Amazon Linux AMI : php72 (ALAS-2020-1346)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Amazon Linux AMI Security Advisory ALAS-2020-1346. # include("compat.inc"); if (description) { script_id(134119); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/06"); script_cve_id("CVE-2020-7059", "CVE-2020-7060"); script_xref(name:"ALAS", value:"2020-1346"); script_name(english:"Amazon Linux AMI : php72 (ALAS-2020-1346)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value:"The remote Amazon Linux AMI host is missing a security update." ); script_set_attribute( attribute:"description", value: "When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash. (CVE-2020-7059) When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash. (CVE-2020-7060)" ); script_set_attribute( attribute:"see_also", value:"https://alas.aws.amazon.com/ALAS-2020-1346.html" ); script_set_attribute( attribute:"solution", value:"Run 'yum update php72' to update your system." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-bcmath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-dba"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-dbg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-embedded"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-enchant"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-fpm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-gmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-imap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-intl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-json"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-ldap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-mbstring"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-mysqlnd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-odbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-opcache"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-pdo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-pdo-dblib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-pgsql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-process"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-pspell"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-recode"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-soap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-tidy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-xml"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:php72-xmlrpc"); script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10"); script_set_attribute(attribute:"patch_publication_date", value:"2020/02/27"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/28"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Amazon Linux Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/AmazonLinux/release"); if (isnull(release) \|\| !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux"); os_ver = pregmatch(pattern: "^AL(A\|\d)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux"); os_ver = os_ver[1]; if (os_ver != "A") { if (os_ver == 'A') os_ver = 'AMI'; audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver); } if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (rpm_check(release:"ALA", reference:"php72-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-bcmath-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-cli-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-common-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-dba-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-dbg-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-debuginfo-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-devel-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-embedded-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-enchant-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-fpm-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-gd-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-gmp-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-imap-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-intl-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-json-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-ldap-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-mbstring-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-mysqlnd-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-odbc-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-opcache-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-pdo-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-pdo-dblib-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-pgsql-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-process-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-pspell-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-recode-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-snmp-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-soap-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-tidy-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-xml-7.2.27-1.20.amzn1")) flag++; if (rpm_check(release:"ALA", reference:"php72-xmlrpc-7.2.27-1.20.amzn1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php72 / php72-bcmath / php72-cli / php72-common / php72-dba / etc"); }

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2020-DCA9810FD2.NASL
description	PHP version 7.3.14 (23 Jan 2020) Core - Fixed bug php#78999 (Cycle leak when using function result as temporary). (Dmitry) CURL: - Fixed bug php#79033 (Curl timeout error with specific url and post). (cmb) Date: - Fixed bug php#79015 (undefined-behavior in php_date.c). (cmb) DBA: - Fixed bug php#78808 ([LMDB] MDB_MAP_FULL: Environment mapsize limit reached). (cmb) Fileinfo: - Fixed bug php#74170 (locale information change after mime_content_type). (Sergei Turchanov) GD: - Fixed bug php#78923 (Artifacts when convoluting image with transparency). (wilson chen) - Fixed bug php#79067 (gdTransformAffineCopy() may use uninitialized values). (cmb) - Fixed bug php#79068 (gdTransformAffineCopy() changes interpolation method). (cmb) Libxml: - Fixed bug php#79029 (Use After Free
last seen	2020-06-01
modified	2020-06-02
plugin id	133430
published	2020-02-03
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/133430
title	Fedora 31 : php (2020-dca9810fd2)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2020-dca9810fd2. # include("compat.inc"); if (description) { script_id(133430); script_version("1.4"); script_cvs_date("Date: 2020/02/14"); script_cve_id("CVE-2020-7059", "CVE-2020-7060"); script_xref(name:"FEDORA", value:"2020-dca9810fd2"); script_name(english:"Fedora 31 : php (2020-dca9810fd2)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "PHP version 7.3.14 (23 Jan 2020) Core - Fixed bug php#78999 (Cycle leak when using function result as temporary). (Dmitry) CURL: - Fixed bug php#79033 (Curl timeout error with specific url and post). (cmb) Date: - Fixed bug php#79015 (undefined-behavior in php_date.c). (cmb) DBA: - Fixed bug php#78808 ([LMDB] MDB_MAP_FULL: Environment mapsize limit reached). (cmb) Fileinfo: - Fixed bug php#74170 (locale information change after mime_content_type). (Sergei Turchanov) GD: - Fixed bug php#78923 (Artifacts when convoluting image with transparency). (wilson chen) - Fixed bug php#79067 (gdTransformAffineCopy() may use uninitialized values). (cmb) - Fixed bug php#79068 (gdTransformAffineCopy() changes interpolation method). (cmb) Libxml: - Fixed bug php#79029 (Use After Free's in XMLReader / XMLWriter). (Laruence) Mbstring: - Fixed bug php#79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`). (CVE-2020-7060) (Nikita) OPcache: - Fixed bug php#79040 (Warning Opcode handlers are unusable due to ASLR). (cmb) Pcntl: - Fixed bug php#78402 (Converting null to string in error message is bad DX). (SATŌ Kentarō) PDO_PgSQL: - Fixed bug php#78983 (pdo_pgsql config.w32 cannot find libpq-fe.h). (SATŌ Kentarō) - Fixed bug php#78980 (pgsqlGetNotify() overlooks dead connection). (SATŌ Kentarō) - Fixed bug php#78982 (pdo_pgsql returns dead persistent connection). (SATŌ Kentarō) Session: - Fixed bug php#79091 (heap use-after-free in session_create_id()). (cmb, Nikita) Shmop: - Fixed bug php#78538 (shmop memory leak). (cmb) Standard: - Fixed bug php#79099 (OOB read in php_strip_tags_ex). (CVE-2020-7059). (cmb) - Fixed bug php#54298 (Using empty additional_headers adding extraneous CRLF). (cmb) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2020-dca9810fd2" ); script_set_attribute(attribute:"solution", value:"Update the affected php package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:php"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:31"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10"); script_set_attribute(attribute:"patch_publication_date", value:"2020/02/01"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/03"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^31([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 31", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC31", reference:"php-7.3.14-1.fc31")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php"); }

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-4628.NASL
description	Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names.
last seen	2020-03-17
modified	2020-02-20
plugin id	133815
published	2020-02-20
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/133815
title	Debian DSA-4628-1 : php7.0 - security update
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-4628. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(133815); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24"); script_cve_id("CVE-2019-11045", "CVE-2019-11046", "CVE-2019-11047", "CVE-2019-11050", "CVE-2020-7059", "CVE-2020-7060"); script_xref(name:"DSA", value:"4628"); script_name(english:"Debian DSA-4628-1 : php7.0 - security update"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/php7.0" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/stretch/php7.0" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2020/dsa-4628" ); script_set_attribute( attribute:"solution", value: "Upgrade the php7.0 packages. For the oldstable distribution (stretch), these problems have been fixed in version 7.0.33-0+deb9u7." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php7.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/23"); script_set_attribute(attribute:"patch_publication_date", value:"2020/02/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/20"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"9.0", prefix:"libapache2-mod-php7.0", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"libphp7.0-embed", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-bcmath", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-bz2", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-cgi", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-cli", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-common", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-curl", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-dba", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-dev", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-enchant", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-fpm", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-gd", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-gmp", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-imap", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-interbase", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-intl", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-json", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-ldap", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-mbstring", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-mcrypt", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-mysql", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-odbc", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-opcache", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-pgsql", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-phpdbg", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-pspell", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-readline", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-recode", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-snmp", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-soap", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-sqlite3", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-sybase", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-tidy", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-xml", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-xmlrpc", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-xsl", reference:"7.0.33-0+deb9u7")) flag++; if (deb_check(release:"9.0", prefix:"php7.0-zip", reference:"7.0.33-0+deb9u7")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DLA-2124.NASL
description	Two issues have been found in php5, a server-side, HTML-embedded scripting language. Both issues are related to crafted data that could lead to reading after an allocated buffer and result in information disclosure or crash. For Debian 8
last seen	2020-03-17
modified	2020-03-02
plugin id	134175
published	2020-03-02
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/134175
title	Debian DLA-2124-1 : php5 security update
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DLA-2124-1. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(134175); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/06"); script_cve_id("CVE-2020-7059", "CVE-2020-7060"); script_name(english:"Debian DLA-2124-1 : php5 security update"); script_summary(english:"Checks dpkg output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security update." ); script_set_attribute( attribute:"description", value: "Two issues have been found in php5, a server-side, HTML-embedded scripting language. Both issues are related to crafted data that could lead to reading after an allocated buffer and result in information disclosure or crash. For Debian 8 'Jessie', these problems have been fixed in version 5.6.40+dfsg-0+deb8u9. We recommend that you upgrade your php5 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://lists.debian.org/debian-lts-announce/2020/02/msg00030.html" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/jessie/php5" ); script_set_attribute(attribute:"solution", value:"Upgrade the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libapache2-mod-php5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libapache2-mod-php5filter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libphp5-embed"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php-pear"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-cgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-common"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-dbg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-enchant"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-fpm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-gmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-imap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-interbase"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-intl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-ldap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-mcrypt"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-mysqlnd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-odbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-pgsql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-phpdbg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-pspell"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-readline"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-recode"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-sqlite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-sybase"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-tidy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-xmlrpc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5-xsl"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:8.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10"); script_set_attribute(attribute:"patch_publication_date", value:"2020/02/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/02"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"8.0", prefix:"libapache2-mod-php5", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"libapache2-mod-php5filter", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"libphp5-embed", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php-pear", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-cgi", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-cli", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-common", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-curl", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-dbg", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-dev", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-enchant", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-fpm", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-gd", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-gmp", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-imap", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-interbase", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-intl", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-ldap", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-mcrypt", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-mysql", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-mysqlnd", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-odbc", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-pgsql", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-phpdbg", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-pspell", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-readline", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-recode", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-snmp", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-sqlite", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-sybase", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-tidy", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-xmlrpc", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (deb_check(release:"8.0", prefix:"php5-xsl", reference:"5.6.40+dfsg-0+deb8u9")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-202003-57.NASL
description	The remote host is affected by the vulnerability described in GLSA-202003-57 (PHP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly execute arbitrary shell commands, cause a Denial of Service condition or obtain sensitive information. Workaround : There is no known workaround at this time.
last seen	2020-04-30
modified	2020-03-27
plugin id	134965
published	2020-03-27
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/134965
title	GLSA-202003-57 : PHP: Multiple vulnerabilities
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 202003-57. # # The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(134965); script_version("1.3"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/04/24"); script_cve_id("CVE-2018-19518", "CVE-2020-7059", "CVE-2020-7060", "CVE-2020-7061", "CVE-2020-7062", "CVE-2020-7063", "CVE-2020-7064", "CVE-2020-7065", "CVE-2020-7066"); script_xref(name:"GLSA", value:"202003-57"); script_name(english:"GLSA-202003-57 : PHP: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-202003-57 (PHP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in PHP. Please review the CVE identifiers referenced below for details. Impact : An attacker could possibly execute arbitrary shell commands, cause a Denial of Service condition or obtain sensitive information. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/202003-57" ); script_set_attribute( attribute:"solution", value: "All PHP 7.2.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/php-7.2.29:7.2' All PHP 7.3.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/php-7.3.16:7.3' All PHP 7.4.x users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=dev-lang/php-7.4.4:7.4'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-19518"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'php imap_open Remote Code Execution'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:php"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/11/25"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/27"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"dev-lang/php", unaffected:make_list("ge 7.2.29", "ge 7.3.16", "ge 7.4.4"), vulnerable:make_list("lt 7.2.29", "lt 7.3.16", "lt 7.4.4"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "PHP"); }

NASL family	Debian Local Security Checks
NASL id	DEBIAN_DSA-4626.NASL
description	Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names.
last seen	2020-03-17
modified	2020-02-18
plugin id	133733
published	2020-02-18
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/133733
title	Debian DSA-4626-1 : php7.3 - security update
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-4626. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(133733); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/20"); script_cve_id("CVE-2019-11045", "CVE-2019-11046", "CVE-2019-11047", "CVE-2019-11049", "CVE-2019-11050", "CVE-2020-7059", "CVE-2020-7060"); script_xref(name:"DSA", value:"4626"); script_name(english:"Debian DSA-4626-1 : php7.3 - security update"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in information disclosure, denial of service or incorrect validation of path names." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/source-package/php7.3" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/buster/php7.3" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2020/dsa-4626" ); script_set_attribute( attribute:"solution", value: "Upgrade the php7.3 packages. For the stable distribution (buster), these problems have been fixed in version 7.3.14-1~deb10u1." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php7.3"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:10.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2019/12/23"); script_set_attribute(attribute:"patch_publication_date", value:"2020/02/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/18"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"10.0", prefix:"libapache2-mod-php7.3", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"libphp7.3-embed", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-bcmath", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-bz2", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-cgi", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-cli", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-common", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-curl", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-dba", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-dev", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-enchant", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-fpm", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-gd", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-gmp", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-imap", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-interbase", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-intl", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-json", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-ldap", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-mbstring", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-mysql", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-odbc", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-opcache", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-pgsql", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-phpdbg", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-pspell", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-readline", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-recode", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-snmp", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-soap", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-sqlite3", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-sybase", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-tidy", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-xml", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-xmlrpc", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-xsl", reference:"7.3.14-1~deb10u1")) flag++; if (deb_check(release:"10.0", prefix:"php7.3-zip", reference:"7.3.14-1~deb10u1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2020-F9D2203F3B.NASL
description	PHP version 7.3.14 (23 Jan 2020) Core - Fixed bug php#78999 (Cycle leak when using function result as temporary). (Dmitry) CURL: - Fixed bug php#79033 (Curl timeout error with specific url and post). (cmb) Date: - Fixed bug php#79015 (undefined-behavior in php_date.c). (cmb) DBA: - Fixed bug php#78808 ([LMDB] MDB_MAP_FULL: Environment mapsize limit reached). (cmb) Fileinfo: - Fixed bug php#74170 (locale information change after mime_content_type). (Sergei Turchanov) GD: - Fixed bug php#78923 (Artifacts when convoluting image with transparency). (wilson chen) - Fixed bug php#79067 (gdTransformAffineCopy() may use uninitialized values). (cmb) - Fixed bug php#79068 (gdTransformAffineCopy() changes interpolation method). (cmb) Libxml: - Fixed bug php#79029 (Use After Free
last seen	2020-06-01
modified	2020-06-02
plugin id	133379
published	2020-01-31
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/133379
title	Fedora 30 : php (2020-f9d2203f3b)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2020-f9d2203f3b. # include("compat.inc"); if (description) { script_id(133379); script_version("1.4"); script_cvs_date("Date: 2020/02/14"); script_cve_id("CVE-2020-7059", "CVE-2020-7060"); script_xref(name:"FEDORA", value:"2020-f9d2203f3b"); script_name(english:"Fedora 30 : php (2020-f9d2203f3b)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "PHP version 7.3.14 (23 Jan 2020) Core - Fixed bug php#78999 (Cycle leak when using function result as temporary). (Dmitry) CURL: - Fixed bug php#79033 (Curl timeout error with specific url and post). (cmb) Date: - Fixed bug php#79015 (undefined-behavior in php_date.c). (cmb) DBA: - Fixed bug php#78808 ([LMDB] MDB_MAP_FULL: Environment mapsize limit reached). (cmb) Fileinfo: - Fixed bug php#74170 (locale information change after mime_content_type). (Sergei Turchanov) GD: - Fixed bug php#78923 (Artifacts when convoluting image with transparency). (wilson chen) - Fixed bug php#79067 (gdTransformAffineCopy() may use uninitialized values). (cmb) - Fixed bug php#79068 (gdTransformAffineCopy() changes interpolation method). (cmb) Libxml: - Fixed bug php#79029 (Use After Free's in XMLReader / XMLWriter). (Laruence) Mbstring: - Fixed bug php#79037 (global buffer-overflow in `mbfl_filt_conv_big5_wchar`). (CVE-2020-7060) (Nikita) OPcache: - Fixed bug php#79040 (Warning Opcode handlers are unusable due to ASLR). (cmb) Pcntl: - Fixed bug php#78402 (Converting null to string in error message is bad DX). (SATŌ Kentarō) PDO_PgSQL: - Fixed bug php#78983 (pdo_pgsql config.w32 cannot find libpq-fe.h). (SATŌ Kentarō) - Fixed bug php#78980 (pgsqlGetNotify() overlooks dead connection). (SATŌ Kentarō) - Fixed bug php#78982 (pdo_pgsql returns dead persistent connection). (SATŌ Kentarō) Session: - Fixed bug php#79091 (heap use-after-free in session_create_id()). (cmb, Nikita) Shmop: - Fixed bug php#78538 (shmop memory leak). (cmb) Standard: - Fixed bug php#79099 (OOB read in php_strip_tags_ex). (CVE-2020-7059). (cmb) - Fixed bug php#54298 (Using empty additional_headers adding extraneous CRLF). (cmb) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2020-f9d2203f3b" ); script_set_attribute(attribute:"solution", value:"Update the affected php package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:php"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:30"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10"); script_set_attribute(attribute:"patch_publication_date", value:"2020/01/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/31"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^30([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 30", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC30", reference:"php-7.3.14-1.fc30")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php"); }

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2020-341.NASL
description	This update for php7 fixes the following issues : - CVE-2020-7062: Fixed a NULL pointer dereference when using file upload functionality under specific circumstances (bsc#1165280). - CVE-2020-7063: Fixed an issue where adding files change the permissions to default (bsc#1165289). - CVE-2020-7059: Fixed an out of bounds read in php_strip_tags_ex which may have led to denial of service (bsc#1162629). - CVE-2020-7060: Fixed a global buffer overflow in mbfl_filt_conv_big5_wchar which may have led to memory corruption (bsc#1162632). This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-03-19
modified	2020-03-16
plugin id	134618
published	2020-03-16
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/134618
title	openSUSE Security Update : php7 (openSUSE-2020-341)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2020-341. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(134618); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/18"); script_cve_id("CVE-2020-7059", "CVE-2020-7060", "CVE-2020-7062", "CVE-2020-7063"); script_name(english:"openSUSE Security Update : php7 (openSUSE-2020-341)"); script_summary(english:"Check for the openSUSE-2020-341 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for php7 fixes the following issues : - CVE-2020-7062: Fixed a NULL pointer dereference when using file upload functionality under specific circumstances (bsc#1165280). - CVE-2020-7063: Fixed an issue where adding files change the permissions to default (bsc#1165289). - CVE-2020-7059: Fixed an out of bounds read in php_strip_tags_ex which may have led to denial of service (bsc#1162629). - CVE-2020-7060: Fixed a global buffer overflow in mbfl_filt_conv_big5_wchar which may have led to memory corruption (bsc#1162632). This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1162629" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1162632" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1165280" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1165289" ); script_set_attribute(attribute:"solution", value:"Update the affected php7 packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:apache2-mod_php7-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bcmath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bcmath-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bz2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-bz2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-calendar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-calendar-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ctype"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ctype-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-curl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dba"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dba-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dom"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-dom-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-embed"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-embed-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-enchant"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-enchant-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-exif"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-exif-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fastcgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fastcgi-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fileinfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fileinfo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-firebird"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-firebird-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fpm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-fpm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ftp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ftp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gettext"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gettext-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-gmp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-iconv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-iconv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-intl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-intl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-json"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-json-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ldap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-ldap-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mbstring"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mbstring-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-mysql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-odbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-odbc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-opcache"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-opcache-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-openssl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-openssl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pcntl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pcntl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pdo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pdo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pear"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pear-Archive_Tar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pgsql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-pgsql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-phar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-phar-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-posix"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-posix-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-readline"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-readline-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-shmop"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-shmop-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-snmp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-soap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-soap-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sockets"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sockets-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sodium"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sodium-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sqlite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sqlite-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvmsg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvmsg-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvsem"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvsem-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvshm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-sysvshm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-test"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tidy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tidy-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tokenizer"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-tokenizer-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-wddx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-wddx-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlreader"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlreader-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlrpc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlrpc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlwriter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xmlwriter-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xsl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-xsl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zip"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zip-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zlib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:php7-zlib-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/02/10"); script_set_attribute(attribute:"patch_publication_date", value:"2020/03/15"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/16"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release =~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586\|i686\|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.1", reference:"apache2-mod_php7-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"apache2-mod_php7-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-bcmath-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-bcmath-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-bz2-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-bz2-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-calendar-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-calendar-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-ctype-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-ctype-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-curl-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-curl-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-dba-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-dba-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-debugsource-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-devel-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-dom-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-dom-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-embed-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-embed-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-enchant-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-enchant-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-exif-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-exif-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-fastcgi-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-fastcgi-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-fileinfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-fileinfo-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-firebird-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-firebird-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-fpm-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-fpm-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-ftp-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-ftp-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-gd-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-gd-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-gettext-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-gettext-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-gmp-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-gmp-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-iconv-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-iconv-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-intl-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-intl-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-json-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-json-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-ldap-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-ldap-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-mbstring-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-mbstring-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-mysql-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-mysql-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-odbc-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-odbc-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-opcache-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-opcache-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-openssl-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-openssl-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-pcntl-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-pcntl-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-pdo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-pdo-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-pear-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-pear-Archive_Tar-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-pgsql-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-pgsql-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-phar-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-phar-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-posix-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-posix-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-readline-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-readline-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-shmop-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-shmop-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-snmp-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-snmp-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-soap-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-soap-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-sockets-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-sockets-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-sodium-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-sodium-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-sqlite-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-sqlite-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-sysvmsg-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-sysvmsg-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-sysvsem-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-sysvsem-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-sysvshm-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-sysvshm-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-test-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-tidy-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-tidy-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-tokenizer-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-tokenizer-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-wddx-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-wddx-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-xmlreader-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-xmlreader-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-xmlrpc-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-xmlrpc-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-xmlwriter-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-xmlwriter-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-xsl-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-xsl-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-zip-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-zip-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-zlib-7.2.5-lp151.6.22.1") ) flag++; if ( rpm_check(release:"SUSE15.1", reference:"php7-zlib-debuginfo-7.2.5-lp151.6.22.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "apache2-mod_php7 / apache2-mod_php7-debuginfo / php7 / php7-bcmath / etc"); }

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2020-0397-1.NASL
description	This update for php72 fixes the following issues : Security issues fixed : CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629). CVE-2020-7060: Fixed a global buffer-overflow in mbfl_filt_conv_big5_wchar (bsc#1162632). CVE-2019-20433: Fixed a buffer over-read when processing strings ending with a single
last seen	2020-03-18
modified	2020-02-19
plugin id	133792
published	2020-02-19
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/133792
title	SUSE SLES12 Security Update : php72 (SUSE-SU-2020:0397-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2020:0397-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(133792); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24"); script_cve_id("CVE-2019-20433", "CVE-2020-7059", "CVE-2020-7060"); script_name(english:"SUSE SLES12 Security Update : php72 (SUSE-SU-2020:0397-1)"); script_summary(english:"Checks rpm output for the updated packages."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for php72 fixes the following issues : Security issues fixed : CVE-2020-7059: Fixed an out-of-bounds read in php_strip_tags_ex (bsc#1162629). CVE-2020-7060: Fixed a global buffer-overflow in mbfl_filt_conv_big5_wchar (bsc#1162632). CVE-2019-20433: Fixed a buffer over-read when processing strings ending with a single '\0' byte with ucs-2 and ucs-4 encoding (bsc#1161982). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1161982" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162629" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1162632" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2019-20433/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-7059/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2020-7060/" ); # https://www.suse.com/support/update/announcement/2020/suse-su-20200397-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?a65ede57" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-397=1 SUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t patch SUSE-SLE-SDK-12-SP4-2020-397=1 SUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2020-397=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php72"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:apache2-mod_php72-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-bcmath"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-bcmath-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-bz2"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-bz2-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-calendar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-calendar-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-ctype"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-ctype-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-curl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-curl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-dba"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-dba-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-dom"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-dom-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-enchant"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-enchant-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-exif"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-exif-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-fastcgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-fastcgi-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-fileinfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-fileinfo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-fpm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-fpm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-ftp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-ftp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-gd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-gd-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-gettext"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-gettext-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-gmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-gmp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-iconv"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-iconv-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-imap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-imap-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-intl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-intl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-json"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-json-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-ldap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-ldap-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-mbstring"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-mbstring-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-mysql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-mysql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-odbc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-odbc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-opcache"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-opcache-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-openssl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-openssl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pcntl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pcntl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pdo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pdo-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pgsql"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pgsql-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-phar"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-phar-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-posix"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-posix-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pspell"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-pspell-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-readline"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-readline-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-shmop"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-shmop-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-snmp"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-snmp-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-soap"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-soap-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sockets"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sockets-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sodium"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sodium-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sqlite"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sqlite-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sysvmsg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sysvmsg-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sysvsem"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sysvsem-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sysvshm"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-sysvshm-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-tidy"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-tidy-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-tokenizer"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-tokenizer-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-wddx"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-wddx-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xmlreader"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xmlreader-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xmlrpc"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xmlrpc-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xmlwriter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xmlwriter-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xsl"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-xsl-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-zip"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-zip-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-zlib"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:php72-zlib-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:12"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/01/27"); script_set_attribute(attribute:"patch_publication_date", value:"2020/02/18"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/19"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) \|\| release !~ "^(SLED\|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S\|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES12)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES12", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES12" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES12 SP0", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php72-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"apache2-mod_php72-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-bcmath-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-bcmath-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-bz2-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-bz2-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-calendar-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-calendar-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-ctype-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-ctype-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-curl-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-curl-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-dba-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-dba-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-debugsource-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-dom-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-dom-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-enchant-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-enchant-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-exif-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-exif-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-fastcgi-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-fastcgi-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-fileinfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-fileinfo-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-fpm-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-fpm-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-ftp-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-ftp-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-gd-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-gd-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-gettext-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-gettext-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-gmp-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-gmp-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-iconv-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-iconv-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-imap-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-imap-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-intl-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-intl-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-json-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-json-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-ldap-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-ldap-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-mbstring-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-mbstring-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-mysql-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-mysql-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-odbc-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-odbc-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-opcache-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-opcache-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-openssl-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-openssl-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pcntl-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pcntl-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pdo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pdo-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pgsql-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pgsql-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-phar-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-phar-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-posix-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-posix-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pspell-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-pspell-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-readline-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-readline-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-shmop-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-shmop-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-snmp-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-snmp-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-soap-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-soap-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sockets-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sockets-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sodium-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sodium-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sqlite-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sqlite-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sysvmsg-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sysvmsg-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sysvsem-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sysvsem-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sysvshm-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-sysvshm-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-tidy-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-tidy-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-tokenizer-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-tokenizer-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-wddx-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-wddx-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xmlreader-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xmlreader-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xmlrpc-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xmlrpc-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xmlwriter-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xmlwriter-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xsl-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-xsl-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-zip-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-zip-debuginfo-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-zlib-7.2.5-1.37.1")) flag++; if (rpm_check(release:"SLES12", sp:"0", reference:"php72-zlib-debuginfo-7.2.5-1.37.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php72"); }

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-4279-2.NASL
description	USN-4279-1 fixed vulnerabilities in PHP. The updated packages caused a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details : It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2015-9253) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-7059) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2020-7060). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-18
modified	2020-02-20
plugin id	133840
published	2020-02-20
reporter	Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/133840
title	Ubuntu 16.04 LTS : php7.0 regression (USN-4279-2)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-4279-2. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(133840); script_version("1.2"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24"); script_cve_id("CVE-2015-9253", "CVE-2020-7059", "CVE-2020-7060"); script_xref(name:"USN", value:"4279-2"); script_name(english:"Ubuntu 16.04 LTS : php7.0 regression (USN-4279-2)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "USN-4279-1 fixed vulnerabilities in PHP. The updated packages caused a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details : It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2015-9253) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-7059) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2020-7060). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/4279-2/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-7060"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libapache2-mod-php7.0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-cgi"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-cli"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:php7.0-fpm"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:16.04"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/02/19"); script_set_attribute(attribute:"patch_publication_date", value:"2020/02/19"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/02/20"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(16\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 16.04", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"16.04", pkgname:"libapache2-mod-php7.0", pkgver:"7.0.33-0ubuntu0.16.04.12")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"php7.0-cgi", pkgver:"7.0.33-0ubuntu0.16.04.12")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"php7.0-cli", pkgver:"7.0.33-0ubuntu0.16.04.12")) flag++; if (ubuntu_check(osver:"16.04", pkgname:"php7.0-fpm", pkgver:"7.0.33-0ubuntu0.16.04.12")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libapache2-mod-php7.0 / php7.0-cgi / php7.0-cli / php7.0-fpm"); }

NASL family	CGI abuses
NASL id	PHP_7_4_2.NASL
description	According to its banner, the version of PHP running on the remote web server is either 7.2.x prior to 7.2.27, 7.3.x prior to 7.3.14, or 7.4.x prior to 7.4.2. It is, therefore, affected by multiple vulnerabilities: - An buffer overflow on the mbfl_filt_conv_big5_wchar` function. An unauthenticated, remote attacker can exploit this to leading to the disclosure of information within memory locations and possibly allow for the execution of malicious code. (CVE-2020-7060) - An out-of-bounds READ error exists in the php_strip_tags_ex due to an input validation error. An unauthenticated, remote attacker can exploit this, leading to the disclosure of information within some memory locations. (CVE-2020-7059)
last seen	2020-03-18
modified	2020-01-31
plugin id	133400
published	2020-01-31
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/133400
title	PHP 7.2.x < 7.2.27 / PHP 7.3.x < 7.3.14 / 7.4.x < 7.4.2 Multiple Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # include('compat.inc'); if (description) { script_id(133400); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/28"); script_cve_id("CVE-2020-7059", "CVE-2020-7060"); script_name(english:"PHP 7.2.x < 7.2.27 / PHP 7.3.x < 7.3.14 / 7.4.x < 7.4.2 Multiple Vulnerabilities"); script_set_attribute(attribute:"synopsis", value: "The version of PHP running on the remote web server is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "According to its banner, the version of PHP running on the remote web server is either 7.2.x prior to 7.2.27, 7.3.x prior to 7.3.14, or 7.4.x prior to 7.4.2. It is, therefore, affected by multiple vulnerabilities: - An buffer overflow on the mbfl_filt_conv_big5_wchar` function. An unauthenticated, remote attacker can exploit this to leading to the disclosure of information within memory locations and possibly allow for the execution of malicious code. (CVE-2020-7060) - An out-of-bounds READ error exists in the php_strip_tags_ex due to an input validation error. An unauthenticated, remote attacker can exploit this, leading to the disclosure of information within some memory locations. (CVE-2020-7059)"); script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-7.php#7.2.27"); script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-7.php#7.3.14"); script_set_attribute(attribute:"see_also", value:"http://php.net/ChangeLog-7.php#7.4.2"); script_set_attribute(attribute:"solution", value: "Upgrade to PHP version 7.2.27, 7.3.14, 7.4.2 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2020-7060"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"vuln_publication_date", value:"2020/01/23"); script_set_attribute(attribute:"patch_publication_date", value:"2020/01/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/31"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:php:php"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"CGI abuses"); script_copyright(english:"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("php_version.nasl"); script_require_keys("www/PHP", "installed_sw/PHP", "Settings/ParanoidReport"); script_require_ports("Services/www", 80); exit(0); } include('http.inc'); include('vcf.inc'); include('audit.inc'); port = get_http_port(default:80, php:TRUE); app_info = vcf::get_app_info(app:'PHP', port:port, webapp:TRUE); backported = get_kb_item('www/php/' + port + '/' + app_info.version + '/backported'); if ((report_paranoia < 2) && backported) audit(AUDIT_BACKPORT_SERVICE, port, 'PHP ' + app_info.version + ' install'); constraints = [ {'min_version':'7.2.0alpha1', 'fixed_version':'7.2.27'}, {'min_version':'7.3.0alpha1', 'fixed_version':'7.3.14'}, {'min_version':'7.4.0alpha1', 'fixed_version':'7.4.2'} ]; vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Nessus

References