Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2011-2024 Tenable Network Security, Inc.PHP_5_3_5.NASL
HistoryJan 07, 2011 - 12:00 a.m.

PHP 5.2 < 5.2.17 / 5.3 < 5.3.5 String To Double Conversion DoS

2011-01-0700:00:00
This script is Copyright (C) 2011-2024 Tenable Network Security, Inc.
www.tenable.com
93

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.4

Confidence

Low

EPSS

0.021

Percentile

89.2%

JSON

According to its banner, the version of PHP 5.x installed on the remote host is older than 5.2.17 or 5.3.5.

Such versions may experience a crash while performing string to double conversion for certain numeric values. Only x86 32-bit PHP processes are known to be affected by this issue regardless of whether the system running PHP is 32-bit or 64-bit.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(51439);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/05/31");

  script_cve_id("CVE-2010-4645");
  script_bugtraq_id(45668);

  script_name(english:"PHP 5.2 < 5.2.17 / 5.3 < 5.3.5 String To Double Conversion DoS");

  script_set_attribute(attribute:"synopsis", value:
"The remote web server uses a version of PHP that is affected by
a denial of service vulnerability.");
  script_set_attribute(attribute:"description", value:
"According to its banner, the version of PHP 5.x installed on the
remote host is older than 5.2.17 or 5.3.5. 

Such versions may experience a crash while performing string to double
conversion for certain numeric values.  Only x86 32-bit PHP processes
are known to be affected by this issue regardless of whether the
system running PHP is 32-bit or 64-bit.");
  script_set_attribute(attribute:"see_also", value:"https://bugs.php.net/bug.php?id=53632");
  script_set_attribute(attribute:"see_also", value:"http://www.php.net/distributions/test_bug53632.txt");
  script_set_attribute(attribute:"see_also", value:"http://www.php.net/releases/5_2_17.php");
  script_set_attribute(attribute:"see_also", value:"http://www.php.net/releases/5_3_5.php");
  script_set_attribute(attribute:"solution", value:
"Upgrade to PHP 5.2.17/5.3.5 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");

  script_set_attribute(attribute:"exploitability_ease", value:"No exploit is required");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/12/30");
  script_set_attribute(attribute:"patch_publication_date", value:"2011/01/06");
  script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/07");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:php:php");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_set_attribute(attribute:"enable_cgi_scanning", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2011-2024 Tenable Network Security, Inc.");

  script_dependencies("php_version.nasl");
  script_require_keys("www/PHP");
  script_exclude_keys("Settings/disable_cgi_scanning");
  script_require_ports("Services/www", 80);

  exit(0);
}

include("global_settings.inc");
include("misc_func.inc");
include("http.inc");
include("audit.inc");
include("webapp_func.inc");

port = get_http_port(default:80, php:TRUE);

php = get_php_from_kb(
  port : port,
  exit_on_fail : TRUE
);

version = php["ver"];
source = php["src"];

backported = get_kb_item('www/php/'+port+'/'+version+'/backported');

if (report_paranoia < 2 && backported)
  audit(AUDIT_BACKPORT_SERVICE, port, "PHP "+version+" install");

if (
  (version =~ "^5\.2\.([0-9]|1[0-6])($|[^0-9])") ||
  (version =~ "^5\.3\.[0-4]($|[^0-9])")
)
{
  if (report_verbosity > 0)
  {
    report =
      '\n  Version source     : '+source +
      '\n  Installed version  : '+version+
      '\n  Fixed version      : 5.2.17/5.3.5\n';
    security_warning(port:port, extra:report);
  }
  else security_warning(port);
  exit(0);
}
else audit(AUDIT_LISTEN_NOT_VULN, "PHP", port, version);
VendorProductVersionCPE
phpphpcpe:/a:php:php

Related

cve 1
openvas 38
slackware 1
fedora 8
nessus 21
nvd 1
checkpoint_security 1
ubuntucve 1
f5 4
prion 1
cvelist 1
freebsd 1
redhat 2
centos 1
oraclelinux 2
ubuntu 1
securityvulns 4
gentoo 1
cve
cve
CVE-2010-4645
2011-01-11 03:00:04
openvas
openvas
Slackware: Security Advisory (SSA:2011-010-01)
2012-09-10 00:00:00
Fedora Update for php FEDORA-2011-0329
2011-01-24 00:00:00
Fedora Update for maniadrive FEDORA-2011-0321
2011-01-24 00:00:00
slackware
slackware
[slackware-security] php
2011-01-11 00:47:45
fedora
fedora
[SECURITY] Fedora 13 Update: maniadrive-1.2-26.fc13.1
2011-01-21 23:05:26
[SECURITY] Fedora 13 Update: php-eaccelerator-0.9.6.1-4.fc13
2011-01-21 23:05:26
[SECURITY] Fedora 14 Update: maniadrive-data-1.2-5.fc14
2011-01-21 22:58:10
nessus
nessus
Slackware 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 13.1 / current : php (SSA:2011-010-01)
2011-01-11 00:00:00
Fedora 13 : maniadrive-1.2-26.fc13.1 / maniadrive-data-1.2-5.fc13 / php-5.3.5-1.fc13 / etc (2011-0321)
2011-01-24 00:00:00
F5 Networks BIG-IP : PHP vulnerability (SOL12650)
2014-10-10 00:00:00
nvd
nvd
CVE-2010-4645
2011-01-11 03:00:04
checkpoint_security
checkpoint_security
Check Point's response to PHP Floating-Point Value Denial of Service Vulnerability (CVE-2010-4645)
2011-01-24 22:00:00
ubuntucve
ubuntucve
CVE-2010-4645
2011-01-11 00:00:00
f5
f5
SOL12650 - PHP vulnerability CVE-2010-4645
2011-02-28 00:00:00
K12650 : PHP vulnerability CVE-2010-4645
2013-07-05 00:00:00
Multiple PHP vulnerabilities
2012-04-05 02:07:00
prion
prion
Design/Logic Flaw
2011-01-11 03:00:00
cvelist
cvelist
CVE-2010-4645
2011-01-11 01:00:00
freebsd
freebsd
php -- multiple vulnerabilities
2011-01-06 00:00:00
redhat
redhat
(RHSA-2011:0196) Moderate: php53 security update
2011-02-03 00:00:00
(RHSA-2011:0195) Moderate: php security update
2011-02-03 00:00:00
centos
centos
php53 security update
2011-04-14 23:48:18
oraclelinux
oraclelinux
php53 security update
2011-02-03 00:00:00
php security update
2011-02-10 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2011-01-11 00:00:00
securityvulns
securityvulns
[USN-1042-1] PHP vulnerabilities
2011-01-13 00:00:00
[ GLSA 201110-06 ] PHP: Multiple vulnerabilities
2011-10-12 00:00:00
APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006
2011-10-16 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2011-10-10 00:00:00

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.4

Confidence

Low

EPSS

0.021

Percentile

89.2%

JSON
Related for PHP_5_3_5.NASL
cve1openvas38slackware1fedora8nessus21nvd1checkpoint_security1ubuntucve1f54prion1cvelist1freebsd1redhat2centos1oraclelinux2ubuntu1securityvulns4gentoo1