Executive Summary

Summary
Title PHP vulnerabilities
Informations
Name USN-1358-1 First vendor Publication 2012-02-10
Vendor Ubuntu Last vendor Modification 2012-02-10
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10 - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS

Summary:

Multiple vulnerabilities in PHP.

Software Description: - php5: HTML-embedded scripting language interpreter

Details:

It was discovered that PHP computed hash values for form parameters without restricting the ability to trigger hash collisions predictably. This could allow a remote attacker to cause a denial of service by sending many crafted parameters. (CVE-2011-4885)

ATTENTION: this update changes previous PHP behavior by limiting the number of external input variables to 1000. This may be increased by adding a "max_input_vars" directive to the php.ini configuration file. See http://www.php.net/manual/en/info.configuration.php#ini.max-input-vars for more information.

Stefan Esser discovered that the fix to address the predictable hash collision issue, CVE-2011-4885, did not properly handle the situation where the limit was reached. This could allow a remote attacker to cause a denial of service or execute arbitrary code via a request containing a large number of variables. (CVE-2012-0830)

It was discovered that PHP did not always check the return value of the zend_strndup function. This could allow a remote attacker to cause a denial of service. (CVE-2011-4153)

It was discovered that PHP did not properly enforce libxslt security settings. This could allow a remote attacker to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension. (CVE-2012-0057)

It was discovered that PHP did not properly enforce that PDORow objects could not be serialized and not be saved in a session. A remote attacker could use this to cause a denial of service via an application crash. (CVE-2012-0788)

It was discovered that PHP allowed the magic_quotes_gpc setting to be disabled remotely. This could allow a remote attacker to bypass restrictions that could prevent an SQL injection. (CVE-2012-0831)

USN 1126-1 addressed an issue where the /etc/cron.d/php5 cron job for PHP allowed local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. Emese Revfy discovered that the fix had not been applied to PHP for Ubuntu 10.04 LTS. This update corrects the issue. We apologize for the error. (CVE-2011-0441)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.10:
libapache2-mod-php5 5.3.6-13ubuntu3.5
php5 5.3.6-13ubuntu3.5
php5-cgi 5.3.6-13ubuntu3.5
php5-cli 5.3.6-13ubuntu3.5
php5-common 5.3.6-13ubuntu3.5
php5-xsl 5.3.6-13ubuntu3.5

Ubuntu 11.04:
libapache2-mod-php5 5.3.5-1ubuntu7.6
php5 5.3.5-1ubuntu7.6
php5-cgi 5.3.5-1ubuntu7.6
php5-cli 5.3.5-1ubuntu7.6
php5-common 5.3.5-1ubuntu7.6
php5-xsl 5.3.5-1ubuntu7.6

Ubuntu 10.10:
libapache2-mod-php5 5.3.3-1ubuntu9.9
php5 5.3.3-1ubuntu9.9
php5-cgi 5.3.3-1ubuntu9.9
php5-cli 5.3.3-1ubuntu9.9
php5-common 5.3.3-1ubuntu9.9
php5-xsl 5.3.3-1ubuntu9.9

Ubuntu 10.04 LTS:
libapache2-mod-php5 5.3.2-1ubuntu4.13
php5 5.3.2-1ubuntu4.13
php5-cgi 5.3.2-1ubuntu4.13
php5-cli 5.3.2-1ubuntu4.13
php5-common 5.3.2-1ubuntu4.13
php5-xsl 5.3.2-1ubuntu4.13

Ubuntu 8.04 LTS:
libapache2-mod-php5 5.2.4-2ubuntu5.22
php5 5.2.4-2ubuntu5.22
php5-cgi 5.2.4-2ubuntu5.22
php5-cli 5.2.4-2ubuntu5.22
php5-common 5.2.4-2ubuntu5.22
php5-xsl 5.2.4-2ubuntu5.22

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1358-1
CVE-2011-0441, CVE-2011-4153, CVE-2011-4885, CVE-2012-0057,
CVE-2012-0788, CVE-2012-0830, CVE-2012-0831

Package Information:
https://launchpad.net/ubuntu/+source/php5/5.3.6-13ubuntu3.5
https://launchpad.net/ubuntu/+source/php5/5.3.5-1ubuntu7.6
https://launchpad.net/ubuntu/+source/php5/5.3.3-1ubuntu9.9
https://launchpad.net/ubuntu/+source/php5/5.3.2-1ubuntu4.13
https://launchpad.net/ubuntu/+source/php5/5.2.4-2ubuntu5.22

Original Source

Url : http://www.ubuntu.com/usn/USN-1358-1

CWE : Common Weakness Enumeration

% Id Name
57 % CWE-20 Improper Input Validation
14 % CWE-399 Resource Management Errors
14 % CWE-264 Permissions, Privileges, and Access Controls
14 % CWE-59 Improper Link Resolution Before File Access ('Link Following')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:14797
 
Oval ID: oval:org.mitre.oval:def:14797
Title: DSA-2399-2 php5 -- several
Description: A regression was found in the fix for PHP's XSLT transformations. Updated packages are now available to address this regression. For reference, the original advisory text follows. Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1938 The UNIX socket handling allowed attackers to trigger a buffer overflow via a long path name. CVE-2011-2483 The crypt_blowfish function did not properly handle 8-bit characters, which made it easier for attackers to determine a cleartext password by using knowledge of a password hash. CVE-2011-4566 When used on 32 bit platforms, the exif extension could be used to trigger an integer overflow in the exif_process_IFD_TAG function when processing a JPEG file. CVE-2011-4885 It was possible to trigger hash collisions predictably when parsing form parameters, which allows remote attackers to cause a denial of service by sending many crafted parameters. CVE-2012-0057 When applying a crafted XSLT transform, an attacker could write files to arbitrary places in the filesystem. NOTE: the fix for CVE-2011-2483 required changing the behaviour of this function: it is now incompatible with some old generated hashes for passwords containing 8-bit characters. See the package NEWS entry for details. This change has not been applied to the Lenny version of PHP. NOTE: at the time of release packages for some architectures are still being built. They will be installed into the archive as soon as they arrive.
Family: unix Class: patch
Reference(s): DSA-2399-2
CVE-2011-1938
CVE-2011-2483
CVE-2011-4566
CVE-2011-4885
CVE-2012-0057
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15236
 
Oval ID: oval:org.mitre.oval:def:15236
Title: USN-1358-1 -- PHP vulnerabilities
Description: php5: HTML-embedded scripting language interpreter Multiple vulnerabilities in PHP.
Family: unix Class: patch
Reference(s): USN-1358-1
CVE-2011-4885
CVE-2012-0830
CVE-2011-4153
CVE-2012-0057
CVE-2012-0788
CVE-2012-0831
CVE-2011-0441
Version: 5
Platform(s): Ubuntu 11.04
Ubuntu 11.10
Ubuntu 8.04
Ubuntu 10.04
Ubuntu 10.10
Product(s): PHP
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15306
 
Oval ID: oval:org.mitre.oval:def:15306
Title: DSA-2403-1 php5 -- code injection
Description: Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code.
Family: unix Class: patch
Reference(s): DSA-2403-1
CVE-2012-0830
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15401
 
Oval ID: oval:org.mitre.oval:def:15401
Title: DSA-2399-1 php5 -- several
Description: Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2011-1938 The UNIX socket handling allowed attackers to trigger a buffer overflow via a long path name. CVE-2011-2483 The crypt_blowfish function did not properly handle 8-bit characters, which made it easier for attackers to determine a cleartext password by using knowledge of a password hash. CVE-2011-4566 When used on 32 bit platforms, the exif extension could be used to trigger an integer overflow in the exif_process_IFD_TAG function when processing a JPEG file. CVE-2011-4885 It was possible to trigger hash collisions predictably when parsing form parameters, which allows remote attackers to cause a denial of service by sending many crafted parameters. CVE-2012-0057 When applying a crafted XSLT transform, an attacker could write files to arbitrary places in the filesystem. NOTE: the fix for CVE-2011-2483 required changing the behaviour of this function: it is now incompatible with some old generated hashes for passwords containing 8-bit characters. See the package NEWS entry for details. This change has not been applied to the Lenny version of PHP.
Family: unix Class: patch
Reference(s): DSA-2399-1
CVE-2011-1938
CVE-2011-2483
CVE-2011-4566
CVE-2011-4885
CVE-2012-0057
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15412
 
Oval ID: oval:org.mitre.oval:def:15412
Title: DSA-2403-2 php5 -- code injection
Description: Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code. This update adds packages
Family: unix Class: patch
Reference(s): DSA-2403-2
CVE-2012-0830
Version: 5
Platform(s): Debian GNU/Linux 5.0
Product(s): php5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15505
 
Oval ID: oval:org.mitre.oval:def:15505
Title: USN-1358-2 -- PHP regression
Description: php5: HTML-embedded scripting language interpreter Details: USN 1358-1 fixed multiple vulnerabilities in PHP. The fix for CVE-2012-0831 introduced a regression where the state of the magic_quotes_gpc setting was not correctly reflected when calling the ini_get function. We apologize for the inconvenience. Original advisory USN 1358-1 introduced a regression in PHP.
Family: unix Class: patch
Reference(s): USN-1358-2
CVE-2012-0831
CVE-2011-4885
CVE-2012-0830
CVE-2011-4153
CVE-2012-0057
CVE-2012-0788
CVE-2011-0441
Version: 5
Platform(s): Ubuntu 11.04
Ubuntu 11.10
Ubuntu 8.04
Ubuntu 10.04
Ubuntu 10.10
Product(s): PHP
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19075
 
Oval ID: oval:org.mitre.oval:def:19075
Title: HP-UX Apache Web Server running PHP, Remote Execution of Arbitrary Code, Privilege Elevation, Denial of Service (DoS)
Description: PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that performs strndup operations on untrusted string data, as demonstrated by the define function in zend_builtin_functions.c, and unspecified functions in ext/soap/php_sdl.c, ext/standard/syslog.c, ext/standard/browscap.c, ext/oci8/oci8.c, ext/com_dotnet/com_typeinfo.c, and main/php_open_temporary_file.c.
Family: unix Class: vulnerability
Reference(s): CVE-2011-4153
Version: 12
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19710
 
Oval ID: oval:org.mitre.oval:def:19710
Title: HP-UX Apache Web Server running PHP, Remote Execution of Arbitrary Code, Privilege Elevation, Denial of Service (DoS)
Description: The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
Family: unix Class: vulnerability
Reference(s): CVE-2012-0830
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19791
 
Oval ID: oval:org.mitre.oval:def:19791
Title: HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass
Description: PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Family: unix Class: vulnerability
Reference(s): CVE-2011-4885
Version: 10
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20868
 
Oval ID: oval:org.mitre.oval:def:20868
Title: RHSA-2012:0092: php53 security update (Critical)
Description: The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
Family: unix Class: patch
Reference(s): RHSA-2012:0092-01
CESA-2012:0092
CVE-2012-0830
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): php53
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21314
 
Oval ID: oval:org.mitre.oval:def:21314
Title: RHSA-2012:0093: php security update (Critical)
Description: The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
Family: unix Class: patch
Reference(s): RHSA-2012:0093-01
CESA-2012:0093
CVE-2012-0830
Version: 4
Platform(s): Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
CentOS Linux 5
CentOS Linux 6
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21336
 
Oval ID: oval:org.mitre.oval:def:21336
Title: RHSA-2012:0019: php53 and php security update (Moderate)
Description: PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Family: unix Class: patch
Reference(s): RHSA-2012:0019-01
CESA-2012:0019
CVE-2011-4566
CVE-2011-4885
Version: 29
Platform(s): Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
CentOS Linux 5
CentOS Linux 6
Product(s): php53
php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21346
 
Oval ID: oval:org.mitre.oval:def:21346
Title: RHSA-2012:0033: php security update (Moderate)
Description: PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Family: unix Class: patch
Reference(s): RHSA-2012:0033-01
CESA-2012:0033
CVE-2011-0708
CVE-2011-1148
CVE-2011-1466
CVE-2011-1469
CVE-2011-2202
CVE-2011-4566
CVE-2011-4885
Version: 94
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23189
 
Oval ID: oval:org.mitre.oval:def:23189
Title: ELSA-2012:0092: php53 security update (Critical)
Description: The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
Family: unix Class: patch
Reference(s): ELSA-2012:0092-01
CVE-2012-0830
Version: 6
Platform(s): Oracle Linux 5
Product(s): php53
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23205
 
Oval ID: oval:org.mitre.oval:def:23205
Title: DEPRECATED: ELSA-2012:0019: php53 and php security update (Moderate)
Description: PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Family: unix Class: patch
Reference(s): ELSA-2012:0019-01
CVE-2011-4566
CVE-2011-4885
Version: 14
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): php53
php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23207
 
Oval ID: oval:org.mitre.oval:def:23207
Title: ELSA-2012:0033: php security update (Moderate)
Description: PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Family: unix Class: patch
Reference(s): ELSA-2012:0033-01
CVE-2011-0708
CVE-2011-1148
CVE-2011-1466
CVE-2011-1469
CVE-2011-2202
CVE-2011-4566
CVE-2011-4885
Version: 33
Platform(s): Oracle Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23309
 
Oval ID: oval:org.mitre.oval:def:23309
Title: DEPRECATED: ELSA-2012:0093: php security update (Critical)
Description: The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
Family: unix Class: patch
Reference(s): ELSA-2012:0093-01
CVE-2012-0830
Version: 7
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23589
 
Oval ID: oval:org.mitre.oval:def:23589
Title: ELSA-2012:0019: php53 and php security update (Moderate)
Description: PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
Family: unix Class: patch
Reference(s): ELSA-2012:0019-01
CVE-2011-4566
CVE-2011-4885
Version: 13
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): php53
php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23590
 
Oval ID: oval:org.mitre.oval:def:23590
Title: ELSA-2012:0093: php security update (Critical)
Description: The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885.
Family: unix Class: patch
Reference(s): ELSA-2012:0093-01
CVE-2012-0830
Version: 6
Platform(s): Oracle Linux 6
Oracle Linux 5
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26943
 
Oval ID: oval:org.mitre.oval:def:26943
Title: DEPRECATED: ELSA-2013-0514 -- php security, bug fix and enhancement update (moderate)
Description: It was found that PHP did not check for carriage returns in HTTP headers, allowing intended HTTP response splitting protections to be bypassed. Depending on the web browser the victim is using, a remote attacker could use this flaw to perform HTTP response splitting attacks. (CVE-2011-1398) An integer signedness issue, leading to a heap-based buffer underflow, was found in the PHP scandir() function. If a remote attacker could upload an excessively large number of files to a directory the scandir() function runs on, it could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2012-2688) It was found that PHP did not correctly handle the magic_quotes_gpc configuration directive. This could result in magic_quotes_gpc input escaping not being applied in all cases, possibly making it easier for a remote attacker to perform SQL injection attacks. (CVE-2012-0831)
Family: unix Class: patch
Reference(s): ELSA-2013-0514
CVE-2012-2688
CVE-2011-1398
CVE-2012-0831
Version: 4
Platform(s): Oracle Linux 6
Product(s): php
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27592
 
Oval ID: oval:org.mitre.oval:def:27592
Title: DEPRECATED: ELSA-2012-0092 -- php53 security update (critical)
Description: [5.3.3-1.6] - add security fix for CVE-2012-0830 (#786757)
Family: unix Class: patch
Reference(s): ELSA-2012-0092
CVE-2012-0830
Version: 4
Platform(s): Oracle Linux 5
Product(s): php53
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27760
 
Oval ID: oval:org.mitre.oval:def:27760
Title: DEPRECATED: ELSA-2012-0019 -- php53 and php security update (moderate)
Description: [5.3.3-3.5] - remove extra php.ini-prod/devel files caused by %patch -b [5.3.3-3.4] - add security fixes for CVE-2011-4885, CVE-2011-4566 (#769754)
Family: unix Class: patch
Reference(s): ELSA-2012-0019
CVE-2011-4566
CVE-2011-4885
Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
Product(s): php53
php
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 388

ExploitDB Exploits

id Description
2012-01-14 PHP 5.3.8 Multiple Vulnerabilities
2012-01-03 PHP Hash Table Collision Proof Of Concept
2012-01-01 PHP Hashtables Denial of Service

OpenVAS Exploits

Date Description
2012-12-13 Name : SuSE Update for update openSUSE-SU-2012:0426-1 (update)
File : nvt/gb_suse_2012_0426_1.nasl
2012-09-26 Name : Gentoo Security Advisory GLSA 201209-03 (php)
File : nvt/glsa_201209_03.nasl
2012-09-25 Name : Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
File : nvt/gb_macosx_su12-004.nasl
2012-09-10 Name : Slackware Advisory SSA:2012-041-02 php
File : nvt/esoft_slk_ssa_2012_041_02.nasl
2012-08-03 Name : Mandriva Update for php MDVSA-2012:065 (php)
File : nvt/gb_mandriva_MDVSA_2012_065.nasl
2012-07-30 Name : CentOS Update for php53 CESA-2012:0019 centos5
File : nvt/gb_CESA-2012_0019_php53_centos5.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:1046 centos6
File : nvt/gb_CESA-2012_1046_php_centos6.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:1045 centos5
File : nvt/gb_CESA-2012_1045_php_centos5.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:0093 centos6
File : nvt/gb_CESA-2012_0093_php_centos6.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:0093 centos5
File : nvt/gb_CESA-2012_0093_php_centos5.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:0093 centos4
File : nvt/gb_CESA-2012_0093_php_centos4.nasl
2012-07-30 Name : CentOS Update for php53 CESA-2012:0092 centos5
File : nvt/gb_CESA-2012_0092_php53_centos5.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:0071 centos4
File : nvt/gb_CESA-2012_0071_php_centos4.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:0033 centos5
File : nvt/gb_CESA-2012_0033_php_centos5.nasl
2012-07-30 Name : CentOS Update for php CESA-2012:0019 centos6
File : nvt/gb_CESA-2012_0019_php_centos6.nasl
2012-07-30 Name : CentOS Update for php53 CESA-2012:1047 centos5
File : nvt/gb_CESA-2012_1047_php53_centos5.nasl
2012-06-28 Name : RedHat Update for php RHSA-2012:1045-01
File : nvt/gb_RHSA-2012_1045-01_php.nasl
2012-06-28 Name : RedHat Update for php RHSA-2012:1046-01
File : nvt/gb_RHSA-2012_1046-01_php.nasl
2012-06-28 Name : RedHat Update for php53 RHSA-2012:1047-01
File : nvt/gb_RHSA-2012_1047-01_php53.nasl
2012-06-14 Name : PHP versoin < 5.3.9
File : nvt/nopsec_php_5_3_9.nasl
2012-05-18 Name : Mac OS X Multiple Vulnerabilities (2012-002)
File : nvt/gb_macosx_su12-002.nasl
2012-05-08 Name : Fedora Update for php FEDORA-2012-6911
File : nvt/gb_fedora_2012_6911_php_fc15.nasl
2012-05-08 Name : Fedora Update for php-eaccelerator FEDORA-2012-6911
File : nvt/gb_fedora_2012_6911_php-eaccelerator_fc15.nasl
2012-05-08 Name : Fedora Update for maniadrive FEDORA-2012-6911
File : nvt/gb_fedora_2012_6911_maniadrive_fc15.nasl
2012-05-08 Name : Fedora Update for php FEDORA-2012-6907
File : nvt/gb_fedora_2012_6907_php_fc16.nasl
2012-05-08 Name : Fedora Update for php-eaccelerator FEDORA-2012-6907
File : nvt/gb_fedora_2012_6907_php-eaccelerator_fc16.nasl
2012-05-08 Name : Fedora Update for maniadrive FEDORA-2012-6907
File : nvt/gb_fedora_2012_6907_maniadrive_fc16.nasl
2012-04-30 Name : FreeBSD Ports: php
File : nvt/freebsd_php.nasl
2012-04-12 Name : PHP Security Bypass Vulnerability
File : nvt/gb_php_51806.nasl
2012-04-02 Name : Fedora Update for maniadrive FEDORA-2012-0504
File : nvt/gb_fedora_2012_0504_maniadrive_fc16.nasl
2012-04-02 Name : Fedora Update for php FEDORA-2012-1262
File : nvt/gb_fedora_2012_1262_php_fc16.nasl
2012-04-02 Name : Fedora Update for maniadrive FEDORA-2012-1262
File : nvt/gb_fedora_2012_1262_maniadrive_fc16.nasl
2012-04-02 Name : Fedora Update for php FEDORA-2012-0504
File : nvt/gb_fedora_2012_0504_php_fc16.nasl
2012-03-19 Name : Fedora Update for php-eaccelerator FEDORA-2012-1262
File : nvt/gb_fedora_2012_1262_php-eaccelerator_fc16.nasl
2012-03-19 Name : Fedora Update for php-eaccelerator FEDORA-2012-0504
File : nvt/gb_fedora_2012_0504_php-eaccelerator_fc16.nasl
2012-03-12 Name : Debian Security Advisory DSA 2408-1 (php5)
File : nvt/deb_2408_1.nasl
2012-02-21 Name : Ubuntu Update for php5 USN-1358-2
File : nvt/gb_ubuntu_USN_1358_2.nasl
2012-02-21 Name : Fedora Update for maniadrive FEDORA-2012-1301
File : nvt/gb_fedora_2012_1301_maniadrive_fc15.nasl
2012-02-21 Name : Fedora Update for php-eaccelerator FEDORA-2012-1301
File : nvt/gb_fedora_2012_1301_php-eaccelerator_fc15.nasl
2012-02-21 Name : Fedora Update for php FEDORA-2012-1301
File : nvt/gb_fedora_2012_1301_php_fc15.nasl
2012-02-13 Name : Ubuntu Update for php5 USN-1358-1
File : nvt/gb_ubuntu_USN_1358_1.nasl
2012-02-12 Name : FreeBSD Ports: php5
File : nvt/freebsd_php514.nasl
2012-02-12 Name : Debian Security Advisory DSA 2399-1 (php5)
File : nvt/deb_2399_1.nasl
2012-02-12 Name : Debian Security Advisory DSA 2399-2 (php5)
File : nvt/deb_2399_2.nasl
2012-02-12 Name : Debian Security Advisory DSA 2403-1 (php5)
File : nvt/deb_2403_1.nasl
2012-02-12 Name : Debian Security Advisory DSA 2403-2 (php5)
File : nvt/deb_2403_2.nasl
2012-02-12 Name : FreeBSD Ports: php5, php5-exif
File : nvt/freebsd_php515.nasl
2012-02-10 Name : PHP 'magic_quotes_gpc' Directive Security Bypass Vulnerability (Windows)
File : nvt/gb_php_magic_quotes_gpc_sec_bypass_vuln_win.nasl
2012-02-10 Name : PHP 'php_register_variable_ex()' Remote Code Execution Vulnerability (Windows)
File : nvt/gb_php_register_var_fun_arbitrary_code_exec_vuln_win.nasl
2012-02-03 Name : RedHat Update for php53 RHSA-2012:0092-01
File : nvt/gb_RHSA-2012_0092-01_php53.nasl
2012-02-03 Name : RedHat Update for php RHSA-2012:0093-01
File : nvt/gb_RHSA-2012_0093-01_php.nasl
2012-02-01 Name : Fedora Update for php FEDORA-2012-0420
File : nvt/gb_fedora_2012_0420_php_fc15.nasl
2012-02-01 Name : Fedora Update for php-eaccelerator FEDORA-2012-0420
File : nvt/gb_fedora_2012_0420_php-eaccelerator_fc15.nasl
2012-02-01 Name : Fedora Update for maniadrive FEDORA-2012-0420
File : nvt/gb_fedora_2012_0420_maniadrive_fc15.nasl
2012-02-01 Name : RedHat Update for php RHSA-2012:0071-01
File : nvt/gb_RHSA-2012_0071-01_php.nasl
2012-01-23 Name : PHP Multiple Denial of Service Vulnerabilities (Windows)
File : nvt/gb_php_mult_dos_vuln_win.nasl
2012-01-20 Name : RedHat Update for php RHSA-2012:0033-01
File : nvt/gb_RHSA-2012_0033-01_php.nasl
2012-01-13 Name : RedHat Update for php53 and php RHSA-2012:0019-01
File : nvt/gb_RHSA-2012_0019-01_php53_and_php.nasl
2012-01-03 Name : PHP Web Form Hash Collision Denial of Service Vulnerability (Win)
File : nvt/gb_php_web_form_hash_collision_dos_vuln_win.nasl
2012-01-02 Name : Mandriva Update for php MDVSA-2011:197 (php)
File : nvt/gb_mandriva_MDVSA_2011_197.nasl
2011-05-12 Name : Debian Security Advisory DSA 2195-1 (php5)
File : nvt/deb_2195_1.nasl
2011-05-10 Name : Ubuntu Update for php5 USN-1126-1
File : nvt/gb_ubuntu_USN_1126_1.nasl
2011-05-10 Name : Ubuntu Update for php5 USN-1126-2
File : nvt/gb_ubuntu_USN_1126_2.nasl
2011-04-11 Name : Mandriva Update for php MDVSA-2011:069 (php)
File : nvt/gb_mandriva_MDVSA_2011_069.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
78570 PHP zend_strndup Function Return Value Parsing Remote DoS

78115 PHP Hash Collission Form Parameter Parsing Remote DoS

PHP contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends multiple crafted parameters which trigger hash collisions, and will result in loss of availability for the program via CPU consumption.
73706 PHP on Debian GNU/Linux /etc/cron.d/php5 Directory Symlink Arbitrary File Del...

Snort® IPS/IDS

Date Description
2014-01-10 libtidy null pointer dereference attempt
RuleID : 23995 - Revision : 5 - Type : SERVER-WEBAPP
2014-01-10 zend_strndup null pointer dereference attempt
RuleID : 23994 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 generic web server hashing collision attack
RuleID : 20825 - Revision : 11 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date Description
2014-11-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-1307.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL13588.nasl - Type : ACT_GATHER_INFO
2014-10-10 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL13519.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-182.nasl - Type : ACT_GATHER_INFO
2013-10-03 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-1307.nasl - Type : ACT_GATHER_INFO
2013-10-01 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1307.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-37.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2012-41.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0093.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0092.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0071.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0033.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0019.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1045.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1046.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1047.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0514.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1047.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0071.nasl - Type : ACT_GATHER_INFO
2013-03-10 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0514.nasl - Type : ACT_GATHER_INFO
2013-02-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0514.nasl - Type : ACT_GATHER_INFO
2012-09-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201209-03.nasl - Type : ACT_GATHER_INFO
2012-09-20 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2012-004.nasl - Type : ACT_GATHER_INFO
2012-09-20 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_7_5.nasl - Type : ACT_GATHER_INFO
2012-09-20 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_8_2.nasl - Type : ACT_GATHER_INFO
2012-08-20 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_07234e78e89911e1b38d0023ae8e59f0.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120118_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120627_php_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120627_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120627_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120202_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120202_php53_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120111_php53_and_php_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120130_php_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-07-11 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1046.nasl - Type : ACT_GATHER_INFO
2012-07-05 Name : The remote web server is affected by multiple vulnerabilities.
File : hpsmh_7_1_1_1.nasl - Type : ACT_GATHER_INFO
2012-06-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1045.nasl - Type : ACT_GATHER_INFO
2012-06-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1046.nasl - Type : ACT_GATHER_INFO
2012-06-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1047.nasl - Type : ACT_GATHER_INFO
2012-06-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1045.nasl - Type : ACT_GATHER_INFO
2012-05-10 Name : The remote host is missing a Mac OS X update that fixes several security issues.
File : macosx_10_7_4.nasl - Type : ACT_GATHER_INFO
2012-05-07 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-6907.nasl - Type : ACT_GATHER_INFO
2012-05-07 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-6911.nasl - Type : ACT_GATHER_INFO
2012-05-01 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_2cde1892913e11e1b44c001fd0af1a4c.nasl - Type : ACT_GATHER_INFO
2012-04-27 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2012-065.nasl - Type : ACT_GATHER_INFO
2012-04-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_apache2-mod_php5-120309.nasl - Type : ACT_GATHER_INFO
2012-04-06 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_apache2-mod_php53-120309.nasl - Type : ACT_GATHER_INFO
2012-03-26 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_apache2-mod_php5-8009.nasl - Type : ACT_GATHER_INFO
2012-02-20 Name : The remote web server uses a version of PHP that is affected by a code execut...
File : php_5_3_9_ace.nasl - Type : ACT_ATTACK
2012-02-15 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-1301.nasl - Type : ACT_GATHER_INFO
2012-02-14 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1358-2.nasl - Type : ACT_GATHER_INFO
2012-02-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2408.nasl - Type : ACT_GATHER_INFO
2012-02-13 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2012-041-02.nasl - Type : ACT_GATHER_INFO
2012-02-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1358-1.nasl - Type : ACT_GATHER_INFO
2012-02-09 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-1262.nasl - Type : ACT_GATHER_INFO
2012-02-06 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_3fd040be4f0b11e19e320025900931f8.nasl - Type : ACT_GATHER_INFO
2012-02-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2403.nasl - Type : ACT_GATHER_INFO
2012-02-03 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0093.nasl - Type : ACT_GATHER_INFO
2012-02-03 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0092.nasl - Type : ACT_GATHER_INFO
2012-02-03 Name : The remote web server uses a version of PHP that is affected by a code execut...
File : php_5_3_10.nasl - Type : ACT_GATHER_INFO
2012-02-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0092.nasl - Type : ACT_GATHER_INFO
2012-02-03 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0093.nasl - Type : ACT_GATHER_INFO
2012-02-01 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2399.nasl - Type : ACT_GATHER_INFO
2012-01-31 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0071.nasl - Type : ACT_GATHER_INFO
2012-01-27 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-0420.nasl - Type : ACT_GATHER_INFO
2012-01-24 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0033.nasl - Type : ACT_GATHER_INFO
2012-01-20 Name : The remote Fedora host is missing one or more security updates.
File : fedora_2012-0504.nasl - Type : ACT_GATHER_INFO
2012-01-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0033.nasl - Type : ACT_GATHER_INFO
2012-01-13 Name : The remote web server uses a version of PHP that is affected by multiple flaws.
File : php_5_3_9.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0019.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_d39218103c8011e197e800215c6a37bb.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0019.nasl - Type : ACT_GATHER_INFO
2012-01-03 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-197.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1126-2.nasl - Type : ACT_GATHER_INFO
2011-06-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1126-1.nasl - Type : ACT_GATHER_INFO
2011-04-11 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-069.nasl - Type : ACT_GATHER_INFO
2011-03-21 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2195.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:59:39
  • Multiple Updates