Lucene search
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-3198.NASLHistoryMar 23, 2015 - 12:00 a.m.
Debian DSA-3198-1 : php5 - security update
2015-03-2300:00:00
This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
23
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.953 High
EPSS
Percentile
99.4%
Multiple vulnerabilities have been discovered in the PHP language :
-
CVE-2015-2301 Use-after-free in the phar extension.
-
CVE-2015-2331 Emmanuel Law discovered an integer overflow in the processing of ZIP archives, resulting in denial of service or potentially the execution of arbitrary code.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-3198. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(81982);
script_version("1.17");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2015-2301", "CVE-2015-2331", "CVE-2015-2348", "CVE-2015-2787");
script_bugtraq_id(73037, 73182);
script_xref(name:"DSA", value:"3198");
script_name(english:"Debian DSA-3198-1 : php5 - security update");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Multiple vulnerabilities have been discovered in the PHP language :
- CVE-2015-2301
Use-after-free in the phar extension.
- CVE-2015-2331
Emmanuel Law discovered an integer overflow in the
processing of ZIP archives, resulting in denial of
service or potentially the execution of arbitrary code."
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2015-2301"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2015-2331"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/wheezy/php5"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2015/dsa-3198"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the php5 packages.
For the stable distribution (wheezy), these problems have been fixed
in version 5.4.39-0+deb7u1. This update also fixes a regression in the
curl support introduced in DSA 3195."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php5");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0");
script_set_attribute(attribute:"patch_publication_date", value:"2015/03/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/23");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"7.0", prefix:"libapache2-mod-php5", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libapache2-mod-php5filter", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"libphp5-embed", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php-pear", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-cgi", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-cli", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-common", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-curl", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-dbg", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-dev", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-enchant", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-fpm", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-gd", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-gmp", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-imap", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-interbase", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-intl", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-ldap", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-mcrypt", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-mysql", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-mysqlnd", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-odbc", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-pgsql", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-pspell", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-recode", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-snmp", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-sqlite", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-sybase", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-tidy", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-xmlrpc", reference:"5.4.39-0+deb7u1")) flag++;
if (deb_check(release:"7.0", prefix:"php5-xsl", reference:"5.4.39-0+deb7u1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | php5 | p-cpe:/a:debian:debian_linux:php5 |
| debian | debian_linux | 7.0 | cpe:/o:debian:debian_linux:7.0 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2301
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2348
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2787
packages.debian.org/source/wheezy/php5
security-tracker.debian.org/tracker/CVE-2015-2301
security-tracker.debian.org/tracker/CVE-2015-2331
www.debian.org/security/2015/dsa-3198
Related
openvas
openvas
Debian: Security Advisory (DSA-3198-1)
2015-03-19 00:00:00
Debian Security Advisory DSA 3198-1 (php5 - security update)
2015-03-20 00:00:00
PHP Multiple Vulnerabilities - 01 (Jun 2015) - Windows
2015-06-16 00:00:00
f5
f5
SOL16714 - PHP vulnerabilities CVE-2015-2301 and CVE-2015-2331
2015-06-08 00:00:00
K16714 : PHP vulnerabilities CVE-2015-2301 and CVE-2015-2331
2015-06-08 00:00:00
K16486 : PHP vulnerability CVE-2015-2787
2015-04-22 00:00:00
debian
debian
[SECURITY] [DSA 3198-2] php5 regression update
2015-03-28 18:47:31
[SECURITY] [DSA 3198-1] php5 security update
2015-03-20 17:31:08
[SECURITY] [DSA 3198-2] php5 regression update
2015-03-28 18:47:31
nessus
nessus
openSUSE Security Update : php5 (openSUSE-2015-295)
2015-04-09 00:00:00
PHP 5.6.x < 5.6.7 Multiple Vulnerabilities
2019-01-09 00:00:00
PHP 5.4.x < 5.4.39 Multiple Vulnerabilities
2015-03-24 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3198-1] php5 security update
2015-03-21 00:00:00
PHP multiple security vulnerabilities
2015-03-21 00:00:00
[USN-2535-1] PHP vulnerabilities
2015-03-18 00:00:00
osv
osv
php5 - regression update
2015-03-20 00:00:00
php5 - security update
2015-03-20 00:00:00
php5 - security update
2015-04-29 00:00:00
mageia
mageia
Updated php and libzip packages fix security vulnerabilities
2015-04-04 14:13:35
kaspersky
kaspersky
KLA10514 Multiple vulnerabilities in PHP and plugins
2015-03-30 00:00:00
KLA10515 Multiple vulnerabilities in PHP and extensions
2015-03-30 00:00:00
ubuntucve
ubuntucve
freebsd
freebsd
libzip -- integer overflow
2015-03-18 00:00:00
Several vulnerabilities found in PHP
2015-03-19 00:00:00
Several vulnerabilities found in PHP
2015-04-16 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: mingw-libzip-0.11.2-3.fc21
2015-04-05 14:31:52
[SECURITY] Fedora 20 Update: mingw-libzip-0.11.2-3.fc20
2015-04-05 14:33:09
[SECURITY] Fedora 21 Update: php-5.6.7-1.fc21
2015-03-30 07:11:57
prion
prion
Integer overflow
2015-03-30 10:59:00
Design/Logic Flaw
2015-03-30 10:59:00
Information disclosure
2015-03-30 10:59:00
hackerone
hackerone
cvelist
cvelist
seebug
seebug
PHPε€ηζ¬οΌ5.2,5.4.38~5.6.6οΌδ»»ζζδ»ΆδΈδΌ ζΌζ΄
2015-10-10 00:00:00
suse
suse
Security update for php5 (important)
2015-05-13 15:07:04
checkpoint_advisories
checkpoint_advisories
PHP Group PHP ZIP Integer Overflow (CVE-2015-2331)
2015-04-14 00:00:00
cve
cve
nvd
nvd
debiancve
debiancve
CVE-2015-2331
2015-03-30 10:59:12
archlinux
archlinux
php: integer overflow
2015-03-28 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2015-04-20 00:00:00
PHP vulnerabilities
2015-03-18 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1907
2021-07-02 17:26:08
amazon
amazon
Important: php54
2015-04-15 21:49:00
Important: php56
2015-04-15 21:50:00
Important: php55
2015-04-15 21:49:00
veracode
veracode
Use-After-Free
2019-05-02 05:39:23
Null Pointer Dereference
2019-05-02 05:39:23
Remote Code Execution (RCE) Via Memory Corruption
2019-05-02 05:39:23
slackware
slackware
[slackware-security] php
2015-04-22 01:22:40
oraclelinux
oraclelinux
php55 security and bug fix update
2016-02-04 00:00:00
php54 security and bug fix update
2016-02-04 00:00:00
php security update
2015-07-09 00:00:00
redhat
redhat
(RHSA-2015:1053) Moderate: php55 security and bug fix update
2015-06-04 00:00:00
(RHSA-2015:1066) Important: php54 security and bug fix update
2015-06-04 00:00:00
(RHSA-2015:1135) Important: php security and bug fix update
2015-06-23 00:00:00
centos
centos
php security update
2015-06-24 03:28:02
php security update
2015-07-09 19:23:41
gentoo
gentoo
PHP: Multiple vulnerabilities
2016-06-19 00:00:00
ibm
ibm
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.953 High
EPSS
Percentile
99.4%
Related for DEBIAN_DSA-3198.NASL