Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title php5 security update
Informations
Name DSA-2492 First vendor Publication 2012-06-10
Vendor Debian Last vendor Modification 2012-06-10
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The Phar extension for PHP does not properly handle crafted tar files, leading to a heap-based buffer overflow. PHP applications processing tar files could crash or, potentially, execute arbitrary code.

In addition, this update addresses a regression which caused a crash when accessing a global object that is returned as $this from __get.

For the stable distribution (squeeze), this problem has been fixed in version 5.3.3-7+squeeze13.

For the testing distribution (wheezy) and the unstable distribution (sid), this problem has been fixed in version 5.4.4~rc1-1.

We recommend that you upgrade your php5 packages.

Original Source

Url : http://www.debian.org/security/2012/dsa-2492

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-189 Numeric Errors (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:17519
 
Oval ID: oval:org.mitre.oval:def:17519
Title: USN-1481-1 -- php5 vulnerabilities
Description: Several security issues were fixed in PHP.
Family: unix Class: patch
Reference(s): USN-1481-1
CVE-2012-0781
CVE-2012-1172
CVE-2012-2143
CVE-2012-2317
CVE-2012-2335
CVE-2012-2336
CVE-2012-2386
Version: 7
Platform(s): Ubuntu 12.04
Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.04
Ubuntu 8.04
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20017
 
Oval ID: oval:org.mitre.oval:def:20017
Title: DSA-2492-1 php5 - buffer overflow
Description: The Phar extension for PHP does not properly handle crafted tar files, leading to a heap-based buffer overflow. PHP applications processing tar files could crash or, potentially, execute arbitrary code.
Family: unix Class: patch
Reference(s): DSA-2492-1
CVE-2012-2386
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21402
 
Oval ID: oval:org.mitre.oval:def:21402
Title: RHSA-2012:1047: php53 security update (Moderate)
Description: Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow.
Family: unix Class: patch
Reference(s): RHSA-2012:1047-00
CESA-2012:1047
CVE-2010-2950
CVE-2011-4153
CVE-2012-0057
CVE-2012-0789
CVE-2012-1172
CVE-2012-2143
CVE-2012-2336
CVE-2012-2386
Version: 107
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): php53
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21499
 
Oval ID: oval:org.mitre.oval:def:21499
Title: RHSA-2012:1046: php security update (Moderate)
Description: Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow.
Family: unix Class: patch
Reference(s): RHSA-2012:1046-01
CESA-2012:1046
CVE-2010-2950
CVE-2011-4153
CVE-2012-0057
CVE-2012-0781
CVE-2012-0789
CVE-2012-1172
CVE-2012-2143
CVE-2012-2336
CVE-2012-2386
Version: 120
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23134
 
Oval ID: oval:org.mitre.oval:def:23134
Title: ELSA-2012:1047: php53 security update (Moderate)
Description: Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow.
Family: unix Class: patch
Reference(s): ELSA-2012:1047-00
CVE-2010-2950
CVE-2011-4153
CVE-2012-0057
CVE-2012-0789
CVE-2012-1172
CVE-2012-2143
CVE-2012-2336
CVE-2012-2386
Version: 37
Platform(s): Oracle Linux 5
Product(s): php53
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23906
 
Oval ID: oval:org.mitre.oval:def:23906
Title: ELSA-2012:1046: php security update (Moderate)
Description: Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow.
Family: unix Class: patch
Reference(s): ELSA-2012:1046-01
CVE-2010-2950
CVE-2011-4153
CVE-2012-0057
CVE-2012-0781
CVE-2012-0789
CVE-2012-1172
CVE-2012-2143
CVE-2012-2336
CVE-2012-2386
Version: 41
Platform(s): Oracle Linux 6
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27479
 
Oval ID: oval:org.mitre.oval:def:27479
Title: DEPRECATED: ELSA-2012-1047 -- php53 security update (moderate)
Description: [5.3.3-13] - add security fix for CVE-2010-2950 [5.3.3-11] - fix tests for CVE-2012-2143, CVE-2012-0789 [5.3.3-10] - add security fix for CVE-2012-2336 [5.3.3-9] - add security fixes for CVE-2011-4153, CVE-2012-0057, CVE-2012-0789, CVE-2012-1172, CVE-2012-2143, CVE-2012-2386
Family: unix Class: patch
Reference(s): ELSA-2012-1047
CVE-2012-2143
CVE-2011-4153
CVE-2012-0057
CVE-2012-0789
CVE-2012-1172
CVE-2012-2336
CVE-2010-2950
CVE-2012-2386
Version: 4
Platform(s): Oracle Linux 5
Product(s): php53
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 441

OpenVAS Exploits

Date Description
2012-09-26 Name : Gentoo Security Advisory GLSA 201209-03 (php)
File : nvt/glsa_201209_03.nasl
2012-09-25 Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-08-30 Name : Fedora Update for php FEDORA-2012-10936
File : nvt/gb_fedora_2012_10936_php_fc17.nasl
2012-08-30 Name : Fedora Update for maniadrive FEDORA-2012-9490
File : nvt/gb_fedora_2012_9490_maniadrive_fc17.nasl
2012-08-30 Name : Fedora Update for php FEDORA-2012-9490
File : nvt/gb_fedora_2012_9490_php_fc17.nasl
2012-08-10 Name : Debian Security Advisory DSA 2492-1 (php5)
File : nvt/deb_2492_1.nasl
2012-08-06 Name : Fedora Update for php FEDORA-2012-10908
File : nvt/gb_fedora_2012_10908_php_fc16.nasl
2012-08-03 Name : Mandriva Update for php MDVSA-2012:093 (php)
File : nvt/gb_mandriva_MDVSA_2012_093.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:1046 centos6
File : nvt/gb_CESA-2012_1046_php_centos6.nasl
2012-07-30 Name : CentOS Update for php53 CESA-2012:1047 centos5
File : nvt/gb_CESA-2012_1047_php53_centos5.nasl
2012-07-03 Name : Fedora Update for maniadrive FEDORA-2012-9762
File : nvt/gb_fedora_2012_9762_maniadrive_fc16.nasl
2012-07-03 Name : Fedora Update for php-eaccelerator FEDORA-2012-9762
File : nvt/gb_fedora_2012_9762_php-eaccelerator_fc16.nasl
2012-07-03 Name : Fedora Update for php FEDORA-2012-9762
File : nvt/gb_fedora_2012_9762_php_fc16.nasl
2012-06-28 Name : RedHat Update for php RHSA-2012:1046-01
File : nvt/gb_RHSA-2012_1046-01_php.nasl
2012-06-28 Name : RedHat Update for php53 RHSA-2012:1047-01
File : nvt/gb_RHSA-2012_1047-01_php53.nasl
2012-06-22 Name : Ubuntu Update for php5 USN-1481-1
File : nvt/gb_ubuntu_USN_1481_1.nasl

Nessus® Vulnerability Scanner

Date Description
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-311.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-95.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1046.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1047.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1047.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_apache2-mod_php53-120618.nasl - Type : ACT_GATHER_INFO
2012-09-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201209-03.nasl - Type : ACT_GATHER_INFO
2012-09-20 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_7_5.nasl - Type : ACT_GATHER_INFO
2012-09-20 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_8_2.nasl - Type : ACT_GATHER_INFO
2012-09-20 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2012-004.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120627_php_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120627_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-07-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1046.nasl - Type : ACT_GATHER_INFO
2012-07-03 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-9762.nasl - Type : ACT_GATHER_INFO
2012-07-01 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-9490.nasl - Type : ACT_GATHER_INFO
2012-06-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2492.nasl - Type : ACT_GATHER_INFO
2012-06-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1046.nasl - Type : ACT_GATHER_INFO
2012-06-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1047.nasl - Type : ACT_GATHER_INFO
2012-06-20 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1481-1.nasl - Type : ACT_GATHER_INFO
2012-06-15 Name : The remote web server uses a version of PHP that is affected by multiple vuln...
File : php_5_4_4.nasl - Type : ACT_GATHER_INFO
2012-06-15 Name : The remote web server uses a version of PHP that is affected by multiple vuln...
File : php_5_3_14.nasl - Type : ACT_GATHER_INFO
2012-06-15 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-093.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:31:09
  • Multiple Updates