This script is Copyright (C) 2017 Tenable Network Security, Inc.
The Tenable SecurityCenter application on the remote host contains a
PHP library that is affected by multiple vulnerabilities.
The Tenable SecurityCenter application installed on the remote host
is missing a security patch. It is, therefore, affected by multiple
vulnerabilities in the bundled version of PHP :
- An out-of-bounds read flaw in the phar_parse_pharfile() function
in ext/phar/phar.c that is triggered when handling phar archives.
This may allow a remote attacker to cause a denial of service.
- An out-of-bounds read flaw in the gdImageCreateFromGifCtx()
function in gd_gif_in.c that is triggered when handling a
specially crafted GIF file. This may allow a context-dependent
attacker to crash a process linked against the library or
potentially disclose memory contents.
- An extended invalid free flaw in the php_wddx_push_element()
function in ext/wddx/wddx.c that is triggered during the parsing
of empty boolean tags. This may allow a remote attacker to crash a
program built with the language.
- The openssl extension PEM sealing code does not check the return
value of the OpenSSL sealing function, which could lead to a crash
of the PHP interpreter.
- A flaw that is triggered when handling overly large POST requests.
This may allow a remote attacker to exhaust available CPU
- An out-of-bounds read flaw in the php_parse_date() function in
ext/date/lib/parse_date.c that may allow a remote attacker to
crash a program built with the language or potentially disclose
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
See also :
Apply the relevant patch as referenced in the vendor advisory.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true
Nessus Plugin ID: 103121 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now