FreeBSD : php -- multiple vulnerabilities (6b771fe2-b84e-11e5-92f9-485d605f4717)

high Nessus Plugin ID 87854

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

PHP reports:

- Core:
  - Fixed bug #70755 (fpm_log.c memory leak and buffer overflow).

- GD:
  - Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index Out of Bounds).

- SOAP:
  - Fixed bug #70900 (SoapClient systematic out of memory error).

- Wddx:
  - Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization).
  - Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion Vulnerability).

- XMLRPC:
  - Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker()).

Solution

Update the affected packages.

See Also

http://www.php.net/ChangeLog-5.php#5.5.31

http://www.php.net/ChangeLog-5.php#5.6.17

http://www.nessus.org/u?26ff4f49

Plugin Details

Severity: High

ID: 87854

File Name: freebsd_pkg_6b771fe2b84e11e592f9485d605f4717.nasl

Version: 2.3

Type: local

Published: 1/12/2016

Updated: 1/4/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:php55, p-cpe:/a:freebsd:freebsd:php55-gd, p-cpe:/a:freebsd:freebsd:php55-wddx, p-cpe:/a:freebsd:freebsd:php55-xmlrpc, p-cpe:/a:freebsd:freebsd:php56, p-cpe:/a:freebsd:freebsd:php56-gd, p-cpe:/a:freebsd:freebsd:php56-soap, p-cpe:/a:freebsd:freebsd:php56-wddx, p-cpe:/a:freebsd:freebsd:php56-xmlrpc, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 1/11/2016

Vulnerability Publication Date: 1/7/2016