top of page

Issue
-----
NVT:    PHP Denial Of Service Vulnerability - April09
OID:    1.3.6.1.4.1.25623.1.0.800393
Threat: Medium (CVSS: 5.0)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
The host is installed with PHP and is prone to Denial of
  Service vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.2.10

Impact:
Successful exploitation could result in denial of service condition.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP version 5.2.9 or above,
  http://www.php.net/downloads.php
  Workaround:
  For workaround refer below link,
  http://cvs.php.net/viewvc.cgi/php-src/ext/json/JSON_parser.c?r1=1.1.2.14&r2=1.!
1.2.15

Affected Software/OS:
PHP version prior to 5.2.9

Vulnerability Insight:
Improper handling of .zip file while doing extraction via
  php_zip_make_relative_path function in php_zip.c file.

Vulnerability Detection Method:
Details:
PHP Denial Of Service Vulnerability - April09
(OID: 1.3.6.1.4.1.25623.1.0.800393)
Version used: $Revision: 4504 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2009-1272
CERT: DFN-CERT-2009-1129

Other:
    http://www.php.net/releases/5_2_9.php
    http://www.openwall.com/lists/oss-security/2009/04/01/9


Issue
-----
NVT:    PHP Directory Traversal Vulnerability - Jul16 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.808617
Threat: High (CVSS: 7.5)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to Directory traversal vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.4.45

Impact:
Successfully exploiting this issue allow remote
  attackers to read arbitrary empty directories, also to cause a denial of servi!
ce.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP version 5.4.45, or 5.5.29, 
  or 5.6.13, or later. For updates refer to http://www.php.net

Affected Software/OS:
PHP versions prior to 5.4.45, 5.5.x before
  5.5.29, and 5.6.x before 5.6.13 on Linux

Vulnerability Insight:
Multiple flaws are due to
  - An error in the 'ZipArchive::extractTo' function in
    'ext/zip/php_zip.c' script.
  - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2
    is used, does not consider the possibility of a NULL valuePop return value
    before proceeding with a free operation after the principal argument loop.
  - Improper handling of multiple php_var_unserialize calls.
  - Multiple use-after-free vulnerabilities.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
PHP Directory Traversal Vulnerability - Jul16 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.808617)
Version used: $Revision: 5083 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2014-9767, CVE-2015-6834, CVE-2015-6835, CVE-2015-6837, CVE-2015-6838
BID: 76652,  76649,  76733,  76734,  76738
CERT: CB-K16/1776
, CB-K16/0944
, CB-K16/0912
, CB-K16/0623
, CB-K16/0614
, CB-K16/0422
, CB-K15/1571
, CB-K15/1561
, CB-K15/1478
, CB-K15/1439
, CB-K15/1415
, CB-K15/1337
, DFN-CERT-2016-1882
, DFN-CERT-2016-1004
, DFN-CERT-2016-0972
, DFN-CERT-2016-0676
, DFN-CERT-2016-0659
, DFN-CERT-2016-0460
, DFN-CERT-2015-1658
, DFN-CERT-2015-1644
, DFN-CERT-2015-1556
, DFN-CERT-2015-1515
, DFN-CERT-2015-1493
, DFN-CERT-2015-1407

Other:
    http://www.php.net/ChangeLog-5.php
    http://www.openwall.com/lists/oss-security/2016/03/16/20


Issue
-----
NVT:    PHP Directory Traversal Vulnerability - Jul16 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.808617
Threat: High (CVSS: 7.5)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to Directory traversal vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.4.45

Impact:
Successfully exploiting this issue allow remote
  attackers to read arbitrary empty directories, also to cause a denial of servi!
ce.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP version 5.4.45, or 5.5.29, 
  or 5.6.13, or later. For updates refer to http://www.php.net

Affected Software/OS:
PHP versions prior to 5.4.45, 5.5.x before
  5.5.29, and 5.6.x before 5.6.13 on Linux

Vulnerability Insight:
Multiple flaws are due to
  - An error in the 'ZipArchive::extractTo' function in
    'ext/zip/php_zip.c' script.
  - The xsl_ext_function_php function in ext/xsl/xsltprocessor.c when libxml2
    is used, does not consider the possibility of a NULL valuePop return value
    before proceeding with a free operation after the principal argument loop.
  - Improper handling of multiple php_var_unserialize calls.
  - Multiple use-after-free vulnerabilities.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
PHP Directory Traversal Vulnerability - Jul16 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.808617)
Version used: $Revision: 5083 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2014-9767, CVE-2015-6834, CVE-2015-6835, CVE-2015-6837, CVE-2015-6838
BID: 76652,  76649,  76733,  76734,  76738
CERT: CB-K16/1776
, CB-K16/0944
, CB-K16/0912
, CB-K16/0623
, CB-K16/0614
, CB-K16/0422
, CB-K15/1571
, CB-K15/1561
, CB-K15/1478
, CB-K15/1439
, CB-K15/1415
, CB-K15/1337
, DFN-CERT-2016-1882
, DFN-CERT-2016-1004
, DFN-CERT-2016-0972
, DFN-CERT-2016-0676
, DFN-CERT-2016-0659
, DFN-CERT-2016-0460
, DFN-CERT-2015-1658
, DFN-CERT-2015-1644
, DFN-CERT-2015-1556
, DFN-CERT-2015-1515
, DFN-CERT-2015-1493
, DFN-CERT-2015-1407

Other:
    http://www.php.net/ChangeLog-5.php
    http://www.openwall.com/lists/oss-security/2016/03/16/20


Issue
-----
NVT:    PHP display_errors Cross-Site Scripting Vulnerability
OID:    1.3.6.1.4.1.25623.1.0.800334
Threat: Low (CVSS: 2.6)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
The host is running PHP and is prone to Cross-Site Scripting
  vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.2.8

Impact:
Successful exploitation could allow attackers to inject arbitrary web script
  or HTML via unspecified vectors and conduct Cross-Site Scripting attacks.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to version 5.2.8 or later
  http://www.php.net/downloads.php

Affected Software/OS:
PHP version 5.2.7 and prior on all running platform.

Vulnerability Insight:
The flaw is due to improper handling of certain inputs when
  display_errors settings is enabled.

Vulnerability Detection Method:
Details:
PHP display_errors Cross-Site Scripting Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.800334)
Version used: $Revision: 4504 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2008-5814
CERT: DFN-CERT-2010-0588
, DFN-CERT-2010-0263

Other:
    http://jvn.jp/en/jp/JVN50327700/index.html
    http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000084.html


Issue
-----
NVT:    PHP display_errors Cross-Site Scripting Vulnerability
OID:    1.3.6.1.4.1.25623.1.0.800334
Threat: Low (CVSS: 2.6)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
The host is running PHP and is prone to Cross-Site Scripting
  vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.2.8

Impact:
Successful exploitation could allow attackers to inject arbitrary web script
  or HTML via unspecified vectors and conduct Cross-Site Scripting attacks.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to version 5.2.8 or later
  http://www.php.net/downloads.php

Affected Software/OS:
PHP version 5.2.7 and prior on all running platform.

Vulnerability Insight:
The flaw is due to improper handling of certain inputs when
  display_errors settings is enabled.

Vulnerability Detection Method:
Details:
PHP display_errors Cross-Site Scripting Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.800334)
Version used: $Revision: 4504 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2008-5814
CERT: DFN-CERT-2010-0588
, DFN-CERT-2010-0263

Other:
    http://jvn.jp/en/jp/JVN50327700/index.html
    http://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000084.html


Issue
-----
NVT:    PHP End Of Life Detection (Linux)
OID:    1.3.6.1.4.1.25623.1.0.105889
Threat: High (CVSS: 10.0)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
The PHP version on the remote host has reached the end of life and should
  not be used anymore.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.6/7.0

Impact:
An end of life version of PHP is not receiving any security updates from the ven!
dor. Unfixed security vulnerabilities
  might be leveraged by an attacker to compromise the security of this host.

Solution:
Solution type: VendorFix
Update the PHP version on the remote host to a still supported version.

Affected Software/OS:
PHP versions below PHP 5.6

Vulnerability Insight:
Each release branch of PHP is fully supported for two years from its initial sta!
ble release.
  During this period, bugs and security issues that have been reported are fixed!
 and are released in regular point releases.
  After this two year period of active support, each branch is then supported fo!
r an additional year for critical security
  issues only. Releases during this period are made on an as-needed basis: there!
 may be multiple point releases, or none,
  depending on the number of reports.
  Once the three years of support are completed, the branch reaches its end of l!
ife and is no longer supported.

Vulnerability Detection Method:
Get the installed version with the help of the detect NVT and check if the versi!
on is unsupported.
Details:
PHP End Of Life Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.105889)
Version used: $Revision: 5580 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
Other:
    https://secure.php.net/supported-versions.php


Issue
-----
NVT:    PHP End Of Life Detection (Linux)
OID:    1.3.6.1.4.1.25623.1.0.105889
Threat: High (CVSS: 10.0)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
The PHP version on the remote host has reached the end of life and should
  not be used anymore.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.6/7.0

Impact:
An end of life version of PHP is not receiving any security updates from the ven!
dor. Unfixed security vulnerabilities
  might be leveraged by an attacker to compromise the security of this host.

Solution:
Solution type: VendorFix
Update the PHP version on the remote host to a still supported version.

Affected Software/OS:
PHP versions below PHP 5.6

Vulnerability Insight:
Each release branch of PHP is fully supported for two years from its initial sta!
ble release.
  During this period, bugs and security issues that have been reported are fixed!
 and are released in regular point releases.
  After this two year period of active support, each branch is then supported fo!
r an additional year for critical security
  issues only. Releases during this period are made on an as-needed basis: there!
 may be multiple point releases, or none,
  depending on the number of reports.
  Once the three years of support are completed, the branch reaches its end of l!
ife and is no longer supported.

Vulnerability Detection Method:
Get the installed version with the help of the detect NVT and check if the versi!
on is unsupported.
Details:
PHP End Of Life Detection (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.105889)
Version used: $Revision: 5580 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
Other:
    https://secure.php.net/supported-versions.php


Issue
-----
NVT:    PHP FastCGI Module File Extension Denial Of Service Vulnerabilities
OID:    1.3.6.1.4.1.25623.1.0.100582
Threat: Medium (CVSS: 5.0)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
PHP is prone to a denial-of-service vulnerability because the
  application fails to handle certain file requests.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     4.4.9

Impact:
Attackers can exploit this issue to crash the affected application,
  denying service to legitimate users.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Affected Software/OS:
PHP 4.4 prior to 4.4.9 and PHP 5.2 through 5.2.6 are vulnerable.

Vulnerability Detection Method:
Details:
PHP FastCGI Module File Extension Denial Of Service Vulnerabilities
(OID: 1.3.6.1.4.1.25623.1.0.100582)
Version used: $Revision: 4503 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2008-3660
BID: 31612
CERT: DFN-CERT-2009-1497

Other:
    http://www.securityfocus.com/bid/31612
    http://www.openwall.com/lists/oss-security/2008/08/08/2
    http://www.php.net/ChangeLog-5.php#5.2.8
    http://www.php.net
    http://support.avaya.com/elmodocs2/security/ASA-2009-161.htm


Issue
-----
NVT:    PHP FastCGI Module File Extension Denial Of Service Vulnerabilities
OID:    1.3.6.1.4.1.25623.1.0.100582
Threat: Medium (CVSS: 5.0)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
PHP is prone to a denial-of-service vulnerability because the
  application fails to handle certain file requests.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     4.4.9

Impact:
Attackers can exploit this issue to crash the affected application,
  denying service to legitimate users.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Affected Software/OS:
PHP 4.4 prior to 4.4.9 and PHP 5.2 through 5.2.6 are vulnerable.

Vulnerability Detection Method:
Details:
PHP FastCGI Module File Extension Denial Of Service Vulnerabilities
(OID: 1.3.6.1.4.1.25623.1.0.100582)
Version used: $Revision: 4503 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2008-3660
BID: 31612
CERT: DFN-CERT-2009-1497

Other:
    http://www.securityfocus.com/bid/31612
    http://www.openwall.com/lists/oss-security/2008/08/08/2
    http://www.php.net/ChangeLog-5.php#5.2.8
    http://www.php.net
    http://support.avaya.com/elmodocs2/security/ASA-2009-161.htm


Issue
-----
NVT:    PHP Fileinfo Component Denial of Service Vulnerability (Linux)
OID:    1.3.6.1.4.1.25623.1.0.808669
Threat: Medium (CVSS: 5.0)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to denial of service vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.6.0

Impact:
Successfully exploiting this issue allow
  remote attackers to cause a denial of service.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP version 5.6.0
  For updates refer to http://www.php.net

Affected Software/OS:
PHP versions prior to 5.6.0 on Linux

Vulnerability Insight:
The flaw is due an improper validation of input
  to zero root_storage value in a CDF file.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
PHP Fileinfo Component Denial of Service Vulnerability (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.808669)
Version used: $Revision: 5083 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2014-0236
BID: 90957
Other:
    http://www.php.net/ChangeLog-5.php


Issue
-----
NVT:    PHP Fileinfo Component Denial of Service Vulnerability (Linux)
OID:    1.3.6.1.4.1.25623.1.0.808669
Threat: Medium (CVSS: 5.0)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to denial of service vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.6.0

Impact:
Successfully exploiting this issue allow
  remote attackers to cause a denial of service.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP version 5.6.0
  For updates refer to http://www.php.net

Affected Software/OS:
PHP versions prior to 5.6.0 on Linux

Vulnerability Insight:
The flaw is due an improper validation of input
  to zero root_storage value in a CDF file.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
PHP Fileinfo Component Denial of Service Vulnerability (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.808669)
Version used: $Revision: 5083 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2014-0236
BID: 90957
Other:
    http://www.php.net/ChangeLog-5.php


Issue
-----
NVT:    PHP Heap-based buffer overflow in 'mbstring' extension
OID:    1.3.6.1.4.1.25623.1.0.900185
Threat: High (CVSS: 10.0)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
The host is running PHP and is prone to Buffer Overflow
  vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.2.7

Impact:
Successful exploitation could allow attackers to execute arbitrary code via
  a crafted string containing an HTML entity.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to version 5.2.7 or later,
  http://www.php.net/downloads.php

Affected Software/OS:
PHP version 4.3.0 to 5.2.6 on all running platform.

Vulnerability Insight:
The flaw is due to error in mbfilter_htmlent.c file in the mbstring
  extension. These can be exploited via mb_convert_encoding, mb_check_encoding,
  mb_convert_variables, and mb_parse_str functions.

Vulnerability Detection Method:
Details:
PHP Heap-based buffer overflow in 'mbstring' extension
(OID: 1.3.6.1.4.1.25623.1.0.900185)
Version used: $Revision: 4505 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2008-5557
BID: 32948
CERT: DFN-CERT-2010-0588
, DFN-CERT-2009-1497

Other:
    http://bugs.php.net/bug.php?id=45722
    http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0477.html


Issue
-----
NVT:    PHP Heap-based buffer overflow in 'mbstring' extension
OID:    1.3.6.1.4.1.25623.1.0.900185
Threat: High (CVSS: 10.0)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
The host is running PHP and is prone to Buffer Overflow
  vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.2.7

Impact:
Successful exploitation could allow attackers to execute arbitrary code via
  a crafted string containing an HTML entity.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to version 5.2.7 or later,
  http://www.php.net/downloads.php

Affected Software/OS:
PHP version 4.3.0 to 5.2.6 on all running platform.

Vulnerability Insight:
The flaw is due to error in mbfilter_htmlent.c file in the mbstring
  extension. These can be exploited via mb_convert_encoding, mb_check_encoding,
  mb_convert_variables, and mb_parse_str functions.

Vulnerability Detection Method:
Details:
PHP Heap-based buffer overflow in 'mbstring' extension
(OID: 1.3.6.1.4.1.25623.1.0.900185)
Version used: $Revision: 4505 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2008-5557
BID: 32948
CERT: DFN-CERT-2010-0588
, DFN-CERT-2009-1497

Other:
    http://bugs.php.net/bug.php?id=45722
    http://archives.neohapsis.com/archives/fulldisclosure/2008-12/0477.html


Issue
-----
NVT:    PHP Imap_Mail_Compose() Function Buffer Overflow Vulnerability
OID:    1.3.6.1.4.1.25623.1.0.100600
Threat: High (CVSS: 7.5)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
PHP is prone to a buffer-overflow vulnerability because the
  application fails to perform boundary checks before copying
  user-supplied data to insufficiently sized memory buffers.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     4.4.5

Impact:
An attacker can exploit this issue to execute arbitrary machine code
  in the context of the affected webserver. Failed exploit attempts will
  likely crash the webserver, denying service to legitimate users.

Solution:
Solution type: VendorFix
The vendor released PHP 4.4.5 and 5.2.1 to address this issue. Please
  see the references for more information.

Affected Software/OS:
This issue affects PHP versions prior to 4.4.5 and 5.2.1.

Vulnerability Detection Method:
Details:
PHP Imap_Mail_Compose() Function Buffer Overflow Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.100600)
Version used: $Revision: 4503 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2007-1825
BID: 23234
Other:
    http://www.securityfocus.com/bid/23234
    http://www.php-security.org/MOPB/MOPB-40-2007.html
    http://www.php.net/


Issue
-----
NVT:    PHP Imap_Mail_Compose() Function Buffer Overflow Vulnerability
OID:    1.3.6.1.4.1.25623.1.0.100600
Threat: High (CVSS: 7.5)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
PHP is prone to a buffer-overflow vulnerability because the
  application fails to perform boundary checks before copying
  user-supplied data to insufficiently sized memory buffers.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     4.4.5

Impact:
An attacker can exploit this issue to execute arbitrary machine code
  in the context of the affected webserver. Failed exploit attempts will
  likely crash the webserver, denying service to legitimate users.

Solution:
Solution type: VendorFix
The vendor released PHP 4.4.5 and 5.2.1 to address this issue. Please
  see the references for more information.

Affected Software/OS:
This issue affects PHP versions prior to 4.4.5 and 5.2.1.

Vulnerability Detection Method:
Details:
PHP Imap_Mail_Compose() Function Buffer Overflow Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.100600)
Version used: $Revision: 4503 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2007-1825
BID: 23234
Other:
    http://www.securityfocus.com/bid/23234
    http://www.php-security.org/MOPB/MOPB-40-2007.html
    http://www.php.net/


Issue
-----
NVT:    PHP Interruptions and Calltime Arbitrary Code Execution Vulnerability
OID:    1.3.6.1.4.1.25623.1.0.100252
Threat: High (CVSS: 7.5)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
PHP is prone to a vulnerability that an attacker could exploit to
  execute arbitrary code with the privileges of the user running the
  affected application.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     N/A

Impact:
Successful exploits will compromise the
  application and possibly the computer.

Vulnerability Detection Method:
Details:
PHP Interruptions and Calltime Arbitrary Code Execution Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.100252)
Version used: $Revision: 4505 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
BID: 35867
Other:
    http://www.securityfocus.com/bid/35867
    http://www.php.net
    http://www.blackhat.com/presentations/bh-usa-09/ESSER/BHUSA09-Esser-PostExploitationPHP-PAPER.pdf


Issue
-----
NVT:    PHP Interruptions and Calltime Arbitrary Code Execution Vulnerability
OID:    1.3.6.1.4.1.25623.1.0.100252
Threat: High (CVSS: 7.5)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
PHP is prone to a vulnerability that an attacker could exploit to
  execute arbitrary code with the privileges of the user running the
  affected application.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     N/A

Impact:
Successful exploits will compromise the
  application and possibly the computer.

Vulnerability Detection Method:
Details:
PHP Interruptions and Calltime Arbitrary Code Execution Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.100252)
Version used: $Revision: 4505 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
BID: 35867
Other:
    http://www.securityfocus.com/bid/35867
    http://www.php.net
    http://www.blackhat.com/presentations/bh-usa-09/ESSER/BHUSA09-Esser-PostExploitationPHP-PAPER.pdf


Issue
-----
NVT:    PHP Man-in-the-Middle Attack Vulnerability - Jul16 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.808628
Threat: Medium (CVSS: 5.1)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to Man-in-the-middle attack vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.6.24/7.0.9

Impact:
Successfully exploiting this issue may allow
  remote, unauthenticated to conduct MITM attacks on internal server subrequests!
 
  or direct the server to initiate connections to arbitrary hosts or to cause a
  denial of service.
  Impact Level: Application

Solution:
Solution type: VendorFix
Update to PHP version 5.6.24 or 7.0.19.
  For updates refer to http://www.php.net

Affected Software/OS:
PHP versions 5.x through 5.6.23 and 7.0.x through 7.0.8 on Linux

Vulnerability Insight:
The web servers running in a CGI or 
  CGI-like context may assign client request Proxy header values to internal 
  HTTP_PROXY environment variables and 'HTTP_PROXY' is improperly trusted by som!

  PHP libraries and applications and flaw exist in the gdImageCropThreshold
  function in 'gd_crop.c' in the GD Graphics Library.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
PHP Man-in-the-Middle Attack Vulnerability - Jul16 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.808628)
Version used: $Revision: 5083 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2016-5385, CVE-2016-6128
BID: 91821,  91509
CERT: CB-K16/1941
, CB-K16/1854
, CB-K16/1776
, CB-K16/1549
, CB-K16/1499
, CB-K16/1407
, CB-K16/1283
, CB-K16/1248
, CB-K16/1179
, CB-K16/1115
, CB-K16/1110
, CB-K16/1106
, CB-K16/1092
, CB-K16/1077
, CB-K16/1045
, DFN-CERT-2016-2047
, DFN-CERT-2016-1961
, DFN-CERT-2016-1882
, DFN-CERT-2016-1641
, DFN-CERT-2016-1590
, DFN-CERT-2016-1498
, DFN-CERT-2016-1367
, DFN-CERT-2016-1326
, DFN-CERT-2016-1253
, DFN-CERT-2016-1184
, DFN-CERT-2016-1179
, DFN-CERT-2016-1178
, DFN-CERT-2016-1157
, DFN-CERT-2016-1144
, DFN-CERT-2016-1110

Other:
    http://www.php.net/ChangeLog-5.php
    http://www.php.net/ChangeLog-7.php
    http://www.kb.cert.org/vuls/id/797896
    https://bugs.php.net/bug.php?id=72573
    https://bugs.php.net/bug.php?id=72494


Issue
-----
NVT:    PHP Man-in-the-Middle Attack Vulnerability - Jul16 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.808628
Threat: Medium (CVSS: 5.1)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to Man-in-the-middle attack vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.6.24/7.0.9

Impact:
Successfully exploiting this issue may allow
  remote, unauthenticated to conduct MITM attacks on internal server subrequests!
 
  or direct the server to initiate connections to arbitrary hosts or to cause a
  denial of service.
  Impact Level: Application

Solution:
Solution type: VendorFix
Update to PHP version 5.6.24 or 7.0.19.
  For updates refer to http://www.php.net

Affected Software/OS:
PHP versions 5.x through 5.6.23 and 7.0.x through 7.0.8 on Linux

Vulnerability Insight:
The web servers running in a CGI or 
  CGI-like context may assign client request Proxy header values to internal 
  HTTP_PROXY environment variables and 'HTTP_PROXY' is improperly trusted by som!

  PHP libraries and applications and flaw exist in the gdImageCropThreshold
  function in 'gd_crop.c' in the GD Graphics Library.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
PHP Man-in-the-Middle Attack Vulnerability - Jul16 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.808628)
Version used: $Revision: 5083 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2016-5385, CVE-2016-6128
BID: 91821,  91509
CERT: CB-K16/1941
, CB-K16/1854
, CB-K16/1776
, CB-K16/1549
, CB-K16/1499
, CB-K16/1407
, CB-K16/1283
, CB-K16/1248
, CB-K16/1179
, CB-K16/1115
, CB-K16/1110
, CB-K16/1106
, CB-K16/1092
, CB-K16/1077
, CB-K16/1045
, DFN-CERT-2016-2047
, DFN-CERT-2016-1961
, DFN-CERT-2016-1882
, DFN-CERT-2016-1641
, DFN-CERT-2016-1590
, DFN-CERT-2016-1498
, DFN-CERT-2016-1367
, DFN-CERT-2016-1326
, DFN-CERT-2016-1253
, DFN-CERT-2016-1184
, DFN-CERT-2016-1179
, DFN-CERT-2016-1178
, DFN-CERT-2016-1157
, DFN-CERT-2016-1144
, DFN-CERT-2016-1110

Other:
    http://www.php.net/ChangeLog-5.php
    http://www.php.net/ChangeLog-7.php
    http://www.kb.cert.org/vuls/id/797896
    https://bugs.php.net/bug.php?id=72573
    https://bugs.php.net/bug.php?id=72494


Issue
-----
NVT:    PHP Msg_Receive() Memory Allocation Integer Overflow Vulnerability
OID:    1.3.6.1.4.1.25623.1.0.100592
Threat: High (CVSS: 7.5)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
PHP is prone to an integer-overflow vulnerability because it
  fails to ensure that integer values aren't overrun. Attackers
  may exploit this issue to cause a buffer overflow and to corrupt process memor!
y.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     4.4.5

Impact:
Exploiting this issue may allow attackers to execute arbitrary machine
  code in the context of the affected application. Failed exploit
  attempts will likely result in a denial-of-service condition.

Solution:
Solution type: VendorFix
Reports indicate that the vendor released version 4.4.5 and 5.2.1 to
  address this issue. Symantec has not confirmed this. Please contact
  the vendor for information on obtaining and applying fixes.

Affected Software/OS:
This issue affects PHP versions prior to 4.4.5 and 5.2.1.

Vulnerability Detection Method:
Details:
PHP Msg_Receive() Memory Allocation Integer Overflow Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.100592)
Version used: $Revision: 4503 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2007-1889
BID: 23236
Other:
    http://www.securityfocus.com/bid/23236
    http://www.php-security.org/MOPB/MOPB-43-2007.html
    http://www.php.net/
    http://lists.suse.com/archive/suse-security-announce/2007-May/0007.html


Issue
-----
NVT:    PHP Msg_Receive() Memory Allocation Integer Overflow Vulnerability
OID:    1.3.6.1.4.1.25623.1.0.100592
Threat: High (CVSS: 7.5)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
PHP is prone to an integer-overflow vulnerability because it
  fails to ensure that integer values aren't overrun. Attackers
  may exploit this issue to cause a buffer overflow and to corrupt process memor!
y.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     4.4.5

Impact:
Exploiting this issue may allow attackers to execute arbitrary machine
  code in the context of the affected application. Failed exploit
  attempts will likely result in a denial-of-service condition.

Solution:
Solution type: VendorFix
Reports indicate that the vendor released version 4.4.5 and 5.2.1 to
  address this issue. Symantec has not confirmed this. Please contact
  the vendor for information on obtaining and applying fixes.

Affected Software/OS:
This issue affects PHP versions prior to 4.4.5 and 5.2.1.

Vulnerability Detection Method:
Details:
PHP Msg_Receive() Memory Allocation Integer Overflow Vulnerability
(OID: 1.3.6.1.4.1.25623.1.0.100592)
Version used: $Revision: 4503 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2007-1889
BID: 23236
Other:
    http://www.securityfocus.com/bid/23236
    http://www.php-security.org/MOPB/MOPB-43-2007.html
    http://www.php.net/
    http://lists.suse.com/archive/suse-security-announce/2007-May/0007.html


Issue
-----
NVT:    PHP Multiple Buffer Overflow Vulnerabilities
OID:    1.3.6.1.4.1.25623.1.0.100583
Threat: High (CVSS: 7.5)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
PHP is prone to multiple buffer-overflow vulnerabilities.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     4.4.9

Impact:
Successful exploits may allow attackers to execute arbitrary code in
  the context of applications using the vulnerable PHP functions. This
  may result in a compromise of the underlying system. Failed attempts
  may lead to a denial-of-service condition.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Affected Software/OS:
Versions prior to PHP 4.4.9 and PHP 5.2.8 are vulnerable.

Vulnerability Detection Method:
Details:
PHP Multiple Buffer Overflow Vulnerabilities
(OID: 1.3.6.1.4.1.25623.1.0.100583)
Version used: $Revision: 4503 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2008-3659, CVE-2008-3658
BID: 30649
CERT: DFN-CERT-2009-1497

Other:
    http://www.securityfocus.com/bid/30649
    http://www.php.net/ChangeLog-5.php#5.2.8
    http://www.php.net/archive/2008.php#id2008-08-07-1
    http://www.php.net/
    http://support.avaya.com/elmodocs2/security/ASA-2009-161.htm


Issue
-----
NVT:    PHP Multiple Buffer Overflow Vulnerabilities
OID:    1.3.6.1.4.1.25623.1.0.100583
Threat: High (CVSS: 7.5)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
PHP is prone to multiple buffer-overflow vulnerabilities.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     4.4.9

Impact:
Successful exploits may allow attackers to execute arbitrary code in
  the context of applications using the vulnerable PHP functions. This
  may result in a compromise of the underlying system. Failed attempts
  may lead to a denial-of-service condition.

Solution:
Solution type: VendorFix
Updates are available. Please see the references for more information.

Affected Software/OS:
Versions prior to PHP 4.4.9 and PHP 5.2.8 are vulnerable.

Vulnerability Detection Method:
Details:
PHP Multiple Buffer Overflow Vulnerabilities
(OID: 1.3.6.1.4.1.25623.1.0.100583)
Version used: $Revision: 4503 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2008-3659, CVE-2008-3658
BID: 30649
CERT: DFN-CERT-2009-1497

Other:
    http://www.securityfocus.com/bid/30649
    http://www.php.net/ChangeLog-5.php#5.2.8
    http://www.php.net/archive/2008.php#id2008-08-07-1
    http://www.php.net/
    http://support.avaya.com/elmodocs2/security/ASA-2009-161.htm


Issue
-----
NVT:    PHP Multiple Denial of Service Vulnerabilities (Linux)
OID:    1.3.6.1.4.1.25623.1.0.808611
Threat: Medium (CVSS: 5.0)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to multiple denial of service vulnerabilities.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.6.12

Impact:
Successfully exploiting this issue allow
  remote attackers to cause a denial of service (application crash or
  memory consuption).
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP version 5.6.12
  or later. For updates refer to http://www.php.net

Affected Software/OS:
PHP versions prior to 5.6.12 on Linux

Vulnerability Insight:
Multiple flaws are due to
  - An improper handling of driver behavior for SQL_WVARCHAR columns in the
    'odbc_bindcols function' in 'ext/odbc/php_odbc.c' script.
  - The 'gdImageScaleTwoPass' function in gd_interpolation.c script in the 
    GD Graphics Library uses inconsistent allocate and free approaches.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
PHP Multiple Denial of Service Vulnerabilities (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.808611)
Version used: $Revision: 5083 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2015-8877, CVE-2015-8879, CVE-2015-8874
BID: 90866,  90842,  90714
CERT: CB-K16/1776
, CB-K16/0975
, CB-K16/0965
, CB-K16/0944
, CB-K16/0937
, CB-K16/0912
, CB-K16/0911
, CB-K16/0868
, CB-K16/0805
, CB-K16/0801
, DFN-CERT-2016-1882
, DFN-CERT-2016-1033
, DFN-CERT-2016-1022
, DFN-CERT-2016-1004
, DFN-CERT-2016-0996
, DFN-CERT-2016-0972
, DFN-CERT-2016-0944
, DFN-CERT-2016-0924
, DFN-CERT-2016-0876
, DFN-CERT-2016-0871
, DFN-CERT-2016-0857
, DFN-CERT-2016-0855

Other:
    http://www.php.net/ChangeLog-5.php


Issue
-----
NVT:    PHP Multiple Denial of Service Vulnerabilities (Linux)
OID:    1.3.6.1.4.1.25623.1.0.808611
Threat: Medium (CVSS: 5.0)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to multiple denial of service vulnerabilities.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.6.12

Impact:
Successfully exploiting this issue allow
  remote attackers to cause a denial of service (application crash or
  memory consuption).
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP version 5.6.12
  or later. For updates refer to http://www.php.net

Affected Software/OS:
PHP versions prior to 5.6.12 on Linux

Vulnerability Insight:
Multiple flaws are due to
  - An improper handling of driver behavior for SQL_WVARCHAR columns in the
    'odbc_bindcols function' in 'ext/odbc/php_odbc.c' script.
  - The 'gdImageScaleTwoPass' function in gd_interpolation.c script in the 
    GD Graphics Library uses inconsistent allocate and free approaches.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
PHP Multiple Denial of Service Vulnerabilities (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.808611)
Version used: $Revision: 5083 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2015-8877, CVE-2015-8879, CVE-2015-8874
BID: 90866,  90842,  90714
CERT: CB-K16/1776
, CB-K16/0975
, CB-K16/0965
, CB-K16/0944
, CB-K16/0937
, CB-K16/0912
, CB-K16/0911
, CB-K16/0868
, CB-K16/0805
, CB-K16/0801
, DFN-CERT-2016-1882
, DFN-CERT-2016-1033
, DFN-CERT-2016-1022
, DFN-CERT-2016-1004
, DFN-CERT-2016-0996
, DFN-CERT-2016-0972
, DFN-CERT-2016-0944
, DFN-CERT-2016-0924
, DFN-CERT-2016-0876
, DFN-CERT-2016-0871
, DFN-CERT-2016-0857
, DFN-CERT-2016-0855

Other:
    http://www.php.net/ChangeLog-5.php


Issue
-----
NVT:    PHP Multiple Denial of Service Vulnerabilities - 01 - Dec15 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.806649
Threat: Medium (CVSS: 6.8)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to multiple denial of service vulnerabilities.

Vulnerability Detection Result:
Installed Version: 4.4.4
Fixed Version:     5.5.30

Impact:
Successfully exploiting this issue allow
  remote attackers to cause a denial of service (NULL pointer dereference and
  application crash).
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP 5.5.30 or 5.6.14 or
  later. For updates refer to http://www.php.net

Affected Software/OS:
PHP versions before 5.5.30 and 5.6.x
  before 5.6.14

Vulnerability Insight:
Multiple flaws are due to,
  - An Off-by-one error in the 'phar_parse_zipfile' function within ext/phar/zip!
.c
    script.
  - An error in the 'phar_get_entry_data' function in ext/phar/util.c script.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
PHP Multiple Denial of Service Vulnerabilities - 01 - Dec15 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.806649)
Version used: $Revision: 5082 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2015-7804, CVE-2015-7803
BID: 76959
CERT: CB-K16/0944
, CB-K16/0912
, CB-K16/0623
, CB-K16/0422
, CB-K16/0161
, CB-K16/0136
, CB-K15/1792
, CB-K15/1453
, DFN-CERT-2016-1004
, DFN-CERT-2016-0972
, DFN-CERT-2016-0676
, DFN-CERT-2016-0460
, DFN-CERT-2016-0176
, DFN-CERT-2016-0154
, DFN-CERT-2015-1898
, DFN-CERT-2015-1530

Other:
    http://www.php.net/ChangeLog-5.php
    https://bugs.php.net/bug.php?id=70433
    http://www.openwall.com/lists/oss-security/2015/10/05/8


Issue
-----
NVT:    PHP Multiple Denial of Service Vulnerabilities - 01 - Dec15 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.806649
Threat: Medium (CVSS: 6.8)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to multiple denial of service vulnerabilities.

Vulnerability Detection Result:
Installed Version: 4.4.4
Fixed Version:     5.5.30

Impact:
Successfully exploiting this issue allow
  remote attackers to cause a denial of service (NULL pointer dereference and
  application crash).
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP 5.5.30 or 5.6.14 or
  later. For updates refer to http://www.php.net

Affected Software/OS:
PHP versions before 5.5.30 and 5.6.x
  before 5.6.14

Vulnerability Insight:
Multiple flaws are due to,
  - An Off-by-one error in the 'phar_parse_zipfile' function within ext/phar/zip!
.c
    script.
  - An error in the 'phar_get_entry_data' function in ext/phar/util.c script.

Vulnerability Detection Method:
Get the installed version with the help
  of detect NVT and check the version is vulnerable or not.
Details:
PHP Multiple Denial of Service Vulnerabilities - 01 - Dec15 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.806649)
Version used: $Revision: 5082 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2015-7804, CVE-2015-7803
BID: 76959
CERT: CB-K16/0944
, CB-K16/0912
, CB-K16/0623
, CB-K16/0422
, CB-K16/0161
, CB-K16/0136
, CB-K15/1792
, CB-K15/1453
, DFN-CERT-2016-1004
, DFN-CERT-2016-0972
, DFN-CERT-2016-0676
, DFN-CERT-2016-0460
, DFN-CERT-2016-0176
, DFN-CERT-2016-0154
, DFN-CERT-2015-1898
, DFN-CERT-2015-1530

Other:
    http://www.php.net/ChangeLog-5.php
    https://bugs.php.net/bug.php?id=70433
    http://www.openwall.com/lists/oss-security/2015/10/05/8


Issue
-----
NVT:    PHP Multiple Denial of Service Vulnerabilities - 01 - Jan17 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.108052
Threat: Medium (CVSS: 5.0)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to multiple denial of service vulnerabilities.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.6.30

Impact:
Successfully exploiting this issue allow
  remote attackers to cause a denial of service (buffer over-read or application!
 crash).
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP version 5.6.30, 7.0.15, 7.1.1 
  or later. For updates refer to http://www.php.net

Affected Software/OS:
PHP versions before 5.6.30, 7.0.x before
  7.0.15, and 7.1.x before 7.1.1.

Vulnerability Insight:
Multiple flaws are due to
  - The exif_convert_any_to_int function in ext/exif/exif.c tries to divide
  the minimum representable negative integer by -1.
  - A mishandled serialized data in a finish_nested_data call within the
  object_common1 function in ext/standard/var_unserializer.c.

Vulnerability Detection Method:
Get the installed version with the help
  of the detect NVT and check if the version is vulnerable or not.
Details:
PHP Multiple Denial of Service Vulnerabilities - 01 - Jan17 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.108052)
Version used: $Revision: 5099 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2016-10161, CVE-2016-10158
CERT: DFN-CERT-2017-0532
, DFN-CERT-2017-0334
, DFN-CERT-2017-0325
, DFN-CERT-2017-0274
, DFN-CERT-2017-0144

Other:
    http://www.php.net/ChangeLog-5.php
    http://www.php.net/ChangeLog-7.php


Issue
-----
NVT:    PHP Multiple Denial of Service Vulnerabilities - 01 - Jan17 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.108052
Threat: Medium (CVSS: 5.0)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to multiple denial of service vulnerabilities.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.6.30

Impact:
Successfully exploiting this issue allow
  remote attackers to cause a denial of service (buffer over-read or application!
 crash).
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP version 5.6.30, 7.0.15, 7.1.1 
  or later. For updates refer to http://www.php.net

Affected Software/OS:
PHP versions before 5.6.30, 7.0.x before
  7.0.15, and 7.1.x before 7.1.1.

Vulnerability Insight:
Multiple flaws are due to
  - The exif_convert_any_to_int function in ext/exif/exif.c tries to divide
  the minimum representable negative integer by -1.
  - A mishandled serialized data in a finish_nested_data call within the
  object_common1 function in ext/standard/var_unserializer.c.

Vulnerability Detection Method:
Get the installed version with the help
  of the detect NVT and check if the version is vulnerable or not.
Details:
PHP Multiple Denial of Service Vulnerabilities - 01 - Jan17 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.108052)
Version used: $Revision: 5099 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2016-10161, CVE-2016-10158
CERT: DFN-CERT-2017-0532
, DFN-CERT-2017-0334
, DFN-CERT-2017-0325
, DFN-CERT-2017-0274
, DFN-CERT-2017-0144

Other:
    http://www.php.net/ChangeLog-5.php
    http://www.php.net/ChangeLog-7.php


Issue
-----
NVT:    PHP Multiple Denial of Service Vulnerabilities - 02 - Jan17 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.108054
Threat: High (CVSS: 7.5)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to multiple denial of service vulnerabilities.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.6.30

Impact:
Successfully exploiting this issue allow
  remote attackers to cause a denial of service (memory consumption or applicati!
on crash).
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP version 5.6.30, 7.0.15 or later.
  For updates refer to http://www.php.net

Affected Software/OS:
PHP versions before 5.6.30 and 7.0.x before 7.0.15

Vulnerability Insight:
Multiple flaws are due to
  - A integer overflow in the phar_parse_pharfile function in ext/phar/phar.c
  via a truncated manifest entry in a PHAR archive.
  - A off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c
  via a crafted PHAR archive with an alias mismatch.

Vulnerability Detection Method:
Get the installed version with the help
  of the detect NVT and check if the version is vulnerable or not.
Details:
PHP Multiple Denial of Service Vulnerabilities - 02 - Jan17 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.108054)
Version used: $Revision: 5132 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2016-10159, CVE-2016-10160
CERT: DFN-CERT-2017-0532
, DFN-CERT-2017-0334
, DFN-CERT-2017-0325
, DFN-CERT-2017-0274
, DFN-CERT-2017-0144

Other:
    http://www.php.net/ChangeLog-5.php
    http://www.php.net/ChangeLog-7.php


Issue
-----
NVT:    PHP Multiple Denial of Service Vulnerabilities - 02 - Jan17 (Linux)
OID:    1.3.6.1.4.1.25623.1.0.108054
Threat: High (CVSS: 7.5)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is prone
  to multiple denial of service vulnerabilities.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.6.30

Impact:
Successfully exploiting this issue allow
  remote attackers to cause a denial of service (memory consumption or applicati!
on crash).
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP version 5.6.30, 7.0.15 or later.
  For updates refer to http://www.php.net

Affected Software/OS:
PHP versions before 5.6.30 and 7.0.x before 7.0.15

Vulnerability Insight:
Multiple flaws are due to
  - A integer overflow in the phar_parse_pharfile function in ext/phar/phar.c
  via a truncated manifest entry in a PHAR archive.
  - A off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c
  via a crafted PHAR archive with an alias mismatch.

Vulnerability Detection Method:
Get the installed version with the help
  of the detect NVT and check if the version is vulnerable or not.
Details:
PHP Multiple Denial of Service Vulnerabilities - 02 - Jan17 (Linux)
(OID: 1.3.6.1.4.1.25623.1.0.108054)
Version used: $Revision: 5132 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2016-10159, CVE-2016-10160
CERT: DFN-CERT-2017-0532
, DFN-CERT-2017-0334
, DFN-CERT-2017-0325
, DFN-CERT-2017-0274
, DFN-CERT-2017-0144

Other:
    http://www.php.net/ChangeLog-5.php
    http://www.php.net/ChangeLog-7.php


Issue
-----
NVT:    PHP Multiple Double Free Vulnerabilities - Jan15
OID:    1.3.6.1.4.1.25623.1.0.805412
Threat: High (CVSS: 7.5)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is
  prone to denial of service vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.5.21/5.6.5

Impact:
Successful exploitation will allow
  remote attackers to cause a denial of service or possibly have unspecified
  other impact.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP version 5.5.21
  or 5.6.5 or later

Affected Software/OS:
PHP versions through 5.5.20
  and 5.6.x through 5.6.4

Vulnerability Insight:
Multiple flaws are due to:
  - Double free error in the 'zend_ts_hash_graceful_destroy' function in
  'zend_ts_hash.c script in the Zend Engine in PHP.
  - flaw in the 'GetCode_' function in 'gd_gif_in.c' script  in GD Graphics
  Library (LibGD).

Vulnerability Detection Method:
Get the installed version with the
  help of detect NVT and check the version is vulnerable or not.
Details:
PHP Multiple Double Free Vulnerabilities - Jan15
(OID: 1.3.6.1.4.1.25623.1.0.805412)
Version used: $Revision: 4498 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2014-9425, CVE-2014-9709
BID: 71800,  73306
CERT: CB-K16/0944
, CB-K15/1437
, CB-K15/0966
, CB-K15/0854
, CB-K15/0806
, CB-K15/0769
, CB-K15/0757
, CB-K15/0665
, CB-K15/0482
, CB-K15/0454
, CB-K15/0420
, DFN-CERT-2016-1004
, DFN-CERT-2016-0876
, DFN-CERT-2015-1514
, DFN-CERT-2015-1017
, DFN-CERT-2015-0900
, DFN-CERT-2015-0842
, DFN-CERT-2015-0809
, DFN-CERT-2015-0794
, DFN-CERT-2015-0697
, DFN-CERT-2015-0505
, DFN-CERT-2015-0473
, DFN-CERT-2015-0442

Other:
    http://securitytracker.com/id/1031479
    https://bugs.php.net/bug.php?id=68676


Issue
-----
NVT:    PHP Multiple Double Free Vulnerabilities - Jan15
OID:    1.3.6.1.4.1.25623.1.0.805412
Threat: High (CVSS: 7.5)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is installed with PHP and is
  prone to denial of service vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.5.21/5.6.5

Impact:
Successful exploitation will allow
  remote attackers to cause a denial of service or possibly have unspecified
  other impact.
  Impact Level: Application

Solution:
Solution type: VendorFix
Upgrade to PHP version 5.5.21
  or 5.6.5 or later

Affected Software/OS:
PHP versions through 5.5.20
  and 5.6.x through 5.6.4

Vulnerability Insight:
Multiple flaws are due to:
  - Double free error in the 'zend_ts_hash_graceful_destroy' function in
  'zend_ts_hash.c script in the Zend Engine in PHP.
  - flaw in the 'GetCode_' function in 'gd_gif_in.c' script  in GD Graphics
  Library (LibGD).

Vulnerability Detection Method:
Get the installed version with the
  help of detect NVT and check the version is vulnerable or not.
Details:
PHP Multiple Double Free Vulnerabilities - Jan15
(OID: 1.3.6.1.4.1.25623.1.0.805412)
Version used: $Revision: 4498 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2014-9425, CVE-2014-9709
BID: 71800,  73306
CERT: CB-K16/0944
, CB-K15/1437
, CB-K15/0966
, CB-K15/0854
, CB-K15/0806
, CB-K15/0769
, CB-K15/0757
, CB-K15/0665
, CB-K15/0482
, CB-K15/0454
, CB-K15/0420
, DFN-CERT-2016-1004
, DFN-CERT-2016-0876
, DFN-CERT-2015-1514
, DFN-CERT-2015-1017
, DFN-CERT-2015-0900
, DFN-CERT-2015-0842
, DFN-CERT-2015-0809
, DFN-CERT-2015-0794
, DFN-CERT-2015-0697
, DFN-CERT-2015-0505
, DFN-CERT-2015-0473
, DFN-CERT-2015-0442

Other:
    http://securitytracker.com/id/1031479
    https://bugs.php.net/bug.php?id=68676


Issue
-----
NVT:    PHP Multiple Security Bypass Vulnerabilities
OID:    1.3.6.1.4.1.25623.1.0.801585
Threat: Medium (CVSS: 5.0)
Port:   general/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is running PHP and is prone to multiple security
  bypass vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.3.4

Impact:
Successful exploitation could allow remote attackers to trigger an incomplete
  output array, and possibly bypass spam detection or have unspecified other imp!
act.
  Impact Level: Application/Network

Solution:
Solution type: VendorFix
Upgrade to PHP 5.3.4 or later
  For updates refer to http://www.php.net/downloads.php

Affected Software/OS:
PHP version prior to 5.3.4

Vulnerability Insight:
The flaws are caused to:
  - An error in handling pathname which accepts the '?' character in a
    pathname.
  - An error in 'iconv_mime_decode_headers()' function in the 'Iconv'
    extension.
  - 'SplFileInfo::getType' function in the Standard PHP Library (SPL) extension,
    does not properly detect symbolic links in windows.
  - Integer overflow in the 'mt_rand' function.
  - Race condition in the 'PCNTL extension', when a user-defined signal handler !
exists.

Vulnerability Detection Method:
Details:
PHP Multiple Security Bypass Vulnerabilities
(OID: 1.3.6.1.4.1.25623.1.0.801585)
Version used: $Revision: 4502 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2006-7243, CVE-2010-4699, CVE-2011-0754, CVE-2011-0753, CVE-2011-0755
CERT: CB-K16/0944
, CB-K15/0703
, CB-K14/0323
, CB-K13/0712
, DFN-CERT-2016-1004
, DFN-CERT-2015-0732
, DFN-CERT-2014-0336
, DFN-CERT-2013-1713
, DFN-CERT-2012-0210
, DFN-CERT-2011-0515
, DFN-CERT-2011-0013
, DFN-CERT-2011-0012
, DFN-CERT-2011-0011
, DFN-CERT-2010-1729

Other:
    http://www.php.net/ChangeLog-5.php
    http://www.php.net/releases/5_3_4.php
    http://openwall.com/lists/oss-security/2010/12/09/9
    http://svn.php.net/viewvc?view=revision&revision=305507


Issue
-----
NVT:    PHP Multiple Security Bypass Vulnerabilities
OID:    1.3.6.1.4.1.25623.1.0.801585
Threat: Medium (CVSS: 5.0)
Port:   80/tcp

Product detection result: cpe:/a:php:php:4.4.4
Detected by: PHP Version Detection (Linux, local) (OID: 1.3.6.1.4.1.25623.1.0.103592)

Summary:
This host is running PHP and is prone to multiple security
  bypass vulnerability.

Vulnerability Detection Result:
Installed version: 4.4.4
Fixed version:     5.3.4

Impact:
Successful exploitation could allow remote attackers to trigger an incomplete
  output array, and possibly bypass spam detection or have unspecified other imp!
act.
  Impact Level: Application/Network

Solution:
Solution type: VendorFix
Upgrade to PHP 5.3.4 or later
  For updates refer to http://www.php.net/downloads.php

Affected Software/OS:
PHP version prior to 5.3.4

Vulnerability Insight:
The flaws are caused to:
  - An error in handling pathname which accepts the '?' character in a
    pathname.
  - An error in 'iconv_mime_decode_headers()' function in the 'Iconv'
    extension.
  - 'SplFileInfo::getType' function in the Standard PHP Library (SPL) extension,
    does not properly detect symbolic links in windows.
  - Integer overflow in the 'mt_rand' function.
  - Race condition in the 'PCNTL extension', when a user-defined signal handler !
exists.

Vulnerability Detection Method:
Details:
PHP Multiple Security Bypass Vulnerabilities
(OID: 1.3.6.1.4.1.25623.1.0.801585)
Version used: $Revision: 4502 $

Product Detection Result:
Product:cpe:/a:php:php:4.4.4

Method:PHP Version Detection (Linux, local)
(OID: 1.3.6.1.4.1.25623.1.0.103592)

References:
CVE: CVE-2006-7243, CVE-2010-4699, CVE-2011-0754, CVE-2011-0753, CVE-2011-0755
CERT: CB-K16/0944
, CB-K15/0703
, CB-K14/0323
, CB-K13/0712
, DFN-CERT-2016-1004
, DFN-CERT-2015-0732
, DFN-CERT-2014-0336
, DFN-CERT-2013-1713
, DFN-CERT-2012-0210
, DFN-CERT-2011-0515
, DFN-CERT-2011-0013
, DFN-CERT-2011-0012
, DFN-CERT-2011-0011
, DFN-CERT-2010-1729

Other:
    http://www.php.net/ChangeLog-5.php
    http://www.php.net/releases/5_3_4.php
    http://openwall.com/lists/oss-security/2010/12/09/9
    http://svn.php.net/viewvc?view=revision&revision=305507​

bottom of page