Lucene search
This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.MANDRIVA_MDVSA-2014-014.NASLHistoryJan 22, 2014 - 12:00 a.m.
Mandriva Linux Security Advisory : php (MDVSA-2014:014)
2014-01-2200:00:00
This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.
www.tenable.com
30
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
0.95 High
EPSS
Percentile
99.3%
Multiple vulnerabilities has been discovered and corrected in php :
The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a ‘\0’ character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2013-4248).
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function (CVE-2013-6420).
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted interval specification (CVE-2013-6712).
The updated php packages have been upgraded to the 5.5.8 version which is not vulnerable to these issues.
Additionally, the PECL packages which requires so has been rebuilt for php-5.5.8 and some has been upgraded to their latest versions.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Mandriva Linux Security Advisory MDVSA-2014:014.
# The text itself is copyright (C) Mandriva S.A.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(72082);
script_version("1.8");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2013-4248", "CVE-2013-6420", "CVE-2013-6712");
script_bugtraq_id(61776, 64018, 64225);
script_xref(name:"MDVSA", value:"2014:014");
script_name(english:"Mandriva Linux Security Advisory : php (MDVSA-2014:014)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Mandriva Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Multiple vulnerabilities has been discovered and corrected in php :
The openssl_x509_parse function in openssl.c in the OpenSSL module in
PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a
'\0' character in a domain name in the Subject Alternative Name field
of an X.509 certificate, which allows man-in-the-middle attackers to
spoof arbitrary SSL servers via a crafted certificate issued by a
legitimate Certification Authority, a related issue to CVE-2009-2408
(CVE-2013-4248).
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP
before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not
properly parse (1) notBefore and (2) notAfter timestamps in X.509
certificates, which allows remote attackers to execute arbitrary code
or cause a denial of service (memory corruption) via a crafted
certificate that is not properly handled by the openssl_x509_parse
function (CVE-2013-6420).
The scan function in ext/date/lib/parse_iso_intervals.c in PHP through
5.5.6 does not properly restrict creation of DateInterval objects,
which might allow remote attackers to cause a denial of service
(heap-based buffer over-read) via a crafted interval specification
(CVE-2013-6712).
The updated php packages have been upgraded to the 5.5.8 version which
is not vulnerable to these issues.
Additionally, the PECL packages which requires so has been rebuilt for
php-5.5.8 and some has been upgraded to their latest versions."
);
script_set_attribute(
attribute:"see_also",
value:"http://www.php.net/ChangeLog-5.php#5.5.8"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:apache-mod_php");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64json-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64json2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mbfl-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64mbfl1");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64php5_common5");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-amf");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-apacheaccessor");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-apc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-apc-admin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-apm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-archive");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-auth_nds");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-bbcode");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-bcmath");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-bcompiler");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-bitset");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-bloomy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-braille");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-bz2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-cairo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-cairo_wrapper");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-calendar");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-cgi");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-courierauth");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ctype");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-curl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-cyrus");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-dav");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-dba");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-dbase");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-dbx");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-dio");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-dom");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-doublemetaphone");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-drizzle");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-enchant");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-event");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-exif");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-expect");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-fam");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-fileinfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-filepro");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-filter");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-fpm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ftp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gender");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-geoip");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gettext");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gnupg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gnutls");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-gtk2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-haru");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-hash");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-hidef");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-htscanner");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-iconv");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-id3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-imagick");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-imap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-inclued");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ini");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-inotify");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-intl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-json");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ldap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-libevent");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mbstring");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mcrypt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mcve");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-memcache");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-memcached");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mnogosearch");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mongo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mssql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mysqli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-mysqlnd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-newt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-odbc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-oggvorbis");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-opcache");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-openssl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pam");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pcntl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_dblib");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_odbc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_pgsql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pdo_sqlite");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-pgsql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-phar");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-posix");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-proctitle");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-radius");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-readline");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-recode");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-rrdtool");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sasl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-session");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-shmop");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-snmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-soap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sockets");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sqlite");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sqlite3");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-ssh2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-suhosin");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-svn");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-swish");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sybase_ct");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-syck");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sysvmsg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sysvsem");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-sysvshm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-tcpwrap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-tdb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-tidy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-timezonedb");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-tk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-tokenizer");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-txforward");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-uploadprogress");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-uuid");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-wbxml");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-wddx");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xattr");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xdiff");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xml");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xmlreader");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xmlrpc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xmlwriter");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xsl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-xslcache");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-yaml");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-yaz");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-yp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-zip");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:php-zlib");
script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:1");
script_set_attribute(attribute:"patch_publication_date", value:"2014/01/21");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/01/22");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.");
script_family(english:"Mandriva Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
flag = 0;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"apache-mod_php-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64json-devel-0.11-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64json2-0.11-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64mbfl-devel-1.2.0-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64mbfl1-1.2.0-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"lib64php5_common5-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-amf-0.9.2-10.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-apacheaccessor-1.0.1-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-apc-3.1.15-1.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-apc-admin-3.1.15-1.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-apm-1.1.0-1RC2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-archive-0.2-22.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-auth_nds-2.2.6-28.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-bbcode-1.0.3-0.0.b1.5.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-bcmath-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-bcompiler-1.0.2-3.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-bitset-2.0-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-bloomy-0.1.0-11.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-braille-0.1.1-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-bz2-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-cairo-0.3.2-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-cairo_wrapper-0.2.4-12.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-calendar-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-cgi-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-cli-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-courierauth-0.1.0-26.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-ctype-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-curl-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-cyrus-1.0-30.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-dav-1.2-4.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-dba-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-dbase-5.0.1-3.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-dbx-1.1.2-3.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-devel-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-dio-0.0.7-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", reference:"php-doc-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-dom-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-doublemetaphone-1.0.0-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-drizzle-0.4.2-8.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-enchant-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-event-1.8.1-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-exif-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-expect-0.3.1-3.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-fam-5.0.1-21.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-fileinfo-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-filepro-5.1.6-31.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-filter-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-fpm-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-ftp-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-gd-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-gender-1.0.0-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-geoip-1.0.8-3.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-gettext-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-gmp-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-gnupg-1.3.2-8.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-gnutls-0.3-0.rc1.25.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-gtk2-2.0.3-0.git20130225.1.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-haru-1.0.4-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-hash-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-hidef-0.1.13-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-htscanner-1.0.1-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-iconv-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-id3-0.2-33.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-imagick-3.1.2-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-imap-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-inclued-0.1.3-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-ini-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-inotify-0.1.6-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-intl-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-json-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-ldap-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-libevent-0.1.0-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-mbstring-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-mcrypt-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-mcve-7.0.3-11.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-memcache-3.0.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-memcached-2.1.0-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-mnogosearch-1.96-35.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-mongo-1.4.5-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-mssql-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-mysql-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-mysqli-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-mysqlnd-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-newt-1.2.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-odbc-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-oggvorbis-0.2-33.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-opcache-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-openssl-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-pam-1.0.3-10.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-pcntl-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-pdo-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-pdo_dblib-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-pdo_mysql-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-pdo_odbc-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-pdo_pgsql-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-pdo_sqlite-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-pgsql-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-phar-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-posix-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-proctitle-0.1.2-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-radius-1.2.7-1.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-readline-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-recode-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-rrdtool-0-35.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-sasl-0.1.0-36.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-session-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-shmop-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-snmp-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-soap-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-sockets-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-sqlite-1.0.3-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-sqlite3-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-ssh2-0.12-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-suhosin-0.9.33-7.2.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-svn-1.0.2-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-swish-0.5.0-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-sybase_ct-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-syck-0.9.3-17.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-sysvmsg-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-sysvsem-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-sysvshm-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-tcpwrap-1.1.3-18.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-tdb-1.0.0-18.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-tidy-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-timezonedb-2013.9-1.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-tk-0.1.1-29.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-tokenizer-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-txforward-1.0.7-3.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-uploadprogress-1.0.3.1-3.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-uuid-1.0.3-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-wbxml-1.0.3-14.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-wddx-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-xattr-1.2.0-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-xdiff-1.5.2-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-xml-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-xmlreader-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-xmlrpc-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-xmlwriter-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-xsl-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-xslcache-0.7.2-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-yaml-1.1.1-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-yaz-1.1.6-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-yp-5.2.3-25.1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-zip-5.5.8-1.mbs1")) flag++;
if (rpm_check(release:"MDK-MBS1", cpu:"x86_64", reference:"php-zlib-5.5.8-1.mbs1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mandriva | linux | php-auth_nds | p-cpe:/a:mandriva:linux:php-auth_nds |
| mandriva | linux | php-bbcode | p-cpe:/a:mandriva:linux:php-bbcode |
| mandriva | linux | php-bcmath | p-cpe:/a:mandriva:linux:php-bcmath |
| mandriva | linux | php-bcompiler | p-cpe:/a:mandriva:linux:php-bcompiler |
| mandriva | linux | php-bitset | p-cpe:/a:mandriva:linux:php-bitset |
| mandriva | linux | php-bloomy | p-cpe:/a:mandriva:linux:php-bloomy |
| mandriva | linux | php-braille | p-cpe:/a:mandriva:linux:php-braille |
| mandriva | linux | php-bz2 | p-cpe:/a:mandriva:linux:php-bz2 |
| mandriva | linux | php-cairo | p-cpe:/a:mandriva:linux:php-cairo |
| mandriva | linux | php-cairo_wrapper | p-cpe:/a:mandriva:linux:php-cairo_wrapper |
Related
securityvulns
securityvulns
[ MDVSA-2014:014 ] php
2014-01-29 00:00:00
[ MDVSA-2013:221 ] php
2013-08-28 00:00:00
PHP / python certificate spoofing
2013-08-28 00:00:00
nessus
nessus
openSUSE Security Update : php5 (openSUSE-SU-2013:1963-1)
2014-06-13 00:00:00
SUSE SLES11 Security Update : PHP5 (SUSE-SU-2014:0064-1)
2015-05-20 00:00:00
SuSE 11.2 / 11.3 Security Update : PHP5 (SAT Patch Numbers 8683 / 8684)
2014-01-15 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2014:0063-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0064-1)
2021-06-09 00:00:00
Debian Security Advisory DSA 2816-1 (php5 - several vulnerabilities)
2013-12-12 00:00:00
mageia
mageia
Updated php packages fix multiple security vulnerabilities
2013-12-20 01:08:56
ubuntu
ubuntu
PHP vulnerabilities
2013-12-12 00:00:00
PHP vulnerability
2013-09-05 00:00:00
debian
debian
[SECURITY] [DSA 2816-1] php5 security update
2013-12-12 21:18:13
[SECURITY] [DSA 2742-1] php5 security update
2013-08-26 19:50:29
f5
f5
K14909 : OpenSSL vulnerability CVE-2013-4248
2014-01-15 00:00:00
SOL14909 - OpenSSL vulnerability CVE-2013-4248
2014-01-15 00:00:00
SOL15110 - PHP Vulnerability CVE-2013-6420
2014-03-27 00:00:00
osv
osv
php5 - several
2013-12-12 00:00:00
php5 - interpretation conflict
2013-08-26 00:00:00
prion
prion
Design/Logic Flaw
2013-08-18 02:52:00
Heap overflow
2013-11-28 04:37:00
Memory corruption
2013-12-17 04:46:00
nvd
nvd
cvelist
cvelist
ubuntucve
ubuntucve
cve
cve
amazon
amazon
suse
suse
Security update for PHP5 (important)
2014-07-05 02:05:05
Security update for PHP5 (important)
2014-07-07 19:04:42
ibm
ibm
fedora
fedora
[SECURITY] Fedora 19 Update: php-5.5.7-1.fc19
2013-12-13 05:03:19
[SECURITY] Fedora 19 Update: php-5.5.11-1.fc19
2014-04-15 15:45:54
[SECURITY] Fedora 18 Update: php-5.4.23-1.fc18
2013-12-20 02:04:53
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:02:52
Remote Code Execution (RCE)
2019-01-15 08:53:15
Man-in-the-Middle (MitM)
2020-04-10 00:33:40
checkpoint_advisories
checkpoint_advisories
PHP DateInterval Heap Buffer Overread Denial of Service (CVE-2013-6712)
2014-01-22 00:00:00
PHP SSL Certificate Validation Security Bypass (CVE-2013-4248)
2013-08-28 00:00:00
PHP OpenSSL Extension X.509 Certificate Memory Corruption (CVE-2013-6420)
2013-12-26 00:00:00
oraclelinux
oraclelinux
php53 and php security update
2013-12-10 00:00:00
exploitpack
exploitpack
PHP - openssl_x509_parse() Memory Corruption
2013-12-17 00:00:00
freebsd
freebsd
PHP5 -- memory corruption in openssl_x509_parse()
2013-12-13 00:00:00
debiancve
debiancve
CVE-2009-2408
2009-07-30 19:30:00
slackware
slackware
[slackware-security] php
2013-08-30 07:46:30
php
2014-01-13 22:30:32
redhat
redhat
(RHSA-2013:1826) Critical: php security update
2013-12-12 00:00:00
(RHSA-2013:1815) Critical: php security update
2013-12-11 00:00:00
(RHSA-2013:1825) Critical: php53 security update
2013-12-11 00:00:00
packetstorm
packetstorm
PHP openssl_x509_parse() Memory Corruption
2013-12-15 00:00:00
seebug
seebug
PHP openssl_x509_parse() - Memory Corruption Vulnerability
2014-07-01 00:00:00
Mozilla Firefox NULL字符CA SSL证书验证安全绕过漏洞
2009-07-31 00:00:00
PHP OpenSSL Extension 'openssl_x509_parse()'内存破坏漏洞
2013-12-18 00:00:00
threatpost
threatpost
Apple Safari
2009-12-29 21:50:26
centos
centos
php, php53 security update
2013-12-11 09:25:38
hackerone
hackerone
mozilla
mozilla
Compromise of SSL-protected communication — Mozilla
2009-08-01 00:00:00
exploitdb
exploitdb
Mozilla NSS NULL Character CA SSL Certificate Validation Security Bypass Vulnerability
2009-06-30 00:00:00
PHP - 'openssl_x509_parse()' Memory Corruption
2013-12-17 00:00:00
zdt
zdt
PHP openssl_x509_parse() Memory Corruption Vulnerability
2013-12-16 00:00:00
PHP openssl_x509_parse() Memory Corruption Vulnerability
2013-12-17 00:00:00
kaspersky
kaspersky
KLA10458 Multiple vulnerabilities in HP SMH
2014-01-10 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
5.9 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
0.95 High
EPSS
Percentile
99.3%
Related for MANDRIVA_MDVSA-2014-014.NASL