FreeBSD : php5 -- multiple vulnerabilities (787ef75e-44da-11e5-93ad-002590263bf5)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

The PHP project reports :

Core :

- Fixed bug #69793 (Remotely triggerable stack exhaustion via
recursive method calls).

- Fixed bug #70121 (unserialize() could lead to unexpected methods
execution / NULL pointer deref).

OpenSSL :

- Fixed bug #70014 (openssl_random_pseudo_bytes() is not
cryptographically secure).

Phar :

- Improved fix for bug #69441.

- Fixed bug #70019 (Files extracted from archive may be placed outside
of destination directory).

SOAP :

- Fixed bug #70081 (SoapClient info leak / NULL pointer dereference
via multiple type confusions).

SPL :

- Fixed bug #70068 (Dangling pointer in the unserialization of
ArrayObject items).

- Fixed bug #70166 (Use After Free Vulnerability in unserialize() with
SPLArrayObject).

- Fixed bug #70168 (Use After Free Vulnerability in unserialize() with
SplObjectStorage).

- Fixed bug #70169 (Use After Free Vulnerability in unserialize() with
SplDoublyLinkedList).

See also :

http://php.net/ChangeLog-5.php#5.4.44
http://php.net/ChangeLog-5.php#5.5.28
http://php.net/ChangeLog-5.php#5.6.12
http://www.nessus.org/u?d2ee4c62

Solution :

Update the affected packages.
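The plugin itself decides "vulnerable or not" by comparing the installed package version against the fixed releases named in the ChangeLog links above (5.4.44, 5.5.28, 5.6.12). The script below is an added example of that check, not code from Tenable or from the FreeBSD port: it strips the FreeBSD port revision and epoch from a version string, compares it branch by branch, and reports a verdict. The package glob 'php5*' and the sample package lines are assumptions made for illustration; adjust the glob to what `pkg info` shows on the host.

```sh
#!/bin/sh
# Added example, not part of the Tenable plugin or the FreeBSD port: check
# whether an installed PHP 5.x version is below the releases that fix the
# bugs listed above. Fixed versions come from the advisory's ChangeLog links.

FIXED_54=5.4.44
FIXED_55=5.5.28
FIXED_56=5.6.12

# vercmp A B: print -1, 0 or 1 for A<B, A=B, A>B. Handles dotted numeric
# versions only ("5.6.11"); pre-release suffixes are not understood.
vercmp() {
    a=$1
    b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai=${a%%.*}
        bi=${b%%.*}
        if [ "$ai" = "$a" ]; then a=''; else a=${a#*.}; fi
        if [ "$bi" = "$b" ]; then b=''; else b=${b#*.}; fi
        ai=${ai:-0}
        bi=${bi:-0}
        if [ "$ai" -lt "$bi" ]; then printf '%s\n' -1; return 0; fi
        if [ "$ai" -gt "$bi" ]; then printf '%s\n' 1; return 0; fi
    done
    printf '%s\n' 0
}

# php_status VERSION: print "fixed", "vulnerable" or "unknown" for the
# branch the version belongs to; exit status mirrors the word (0/1/2).
# FreeBSD package versions may carry a port revision ("5.6.11_1") or an
# epoch ("5.6.11,1"); both are stripped before comparing.
php_status() {
    v=$1
    v=${v%%,*}
    v=${v%%_*}
    case "$v" in
        5.4.*) fixed=$FIXED_54 ;;
        5.5.*) fixed=$FIXED_55 ;;
        5.6.*) fixed=$FIXED_56 ;;
        *) echo unknown; return 2 ;;
    esac
    if [ "$(vercmp "$v" "$fixed")" -lt 0 ]; then
        echo vulnerable
        return 1
    fi
    echo fixed
    return 0
}

# report: read "name version" lines on stdin and print one verdict per line.
report() {
    while read -r name ver; do
        [ -n "$name" ] || continue
        echo "$name-$ver: $(php_status "$ver")"
    done
}

# On a FreeBSD host, feed the installed packages from pkg(8). The glob
# 'php5*' is an assumption about package naming (php5, php55, php56 and
# their extension packages); adjust it to what `pkg info` shows.
if command -v pkg >/dev/null 2>&1; then
    pkg query -g '%n %v' 'php5*' | report
else
    # Constructed sample input (not real pkg output) so the script runs off-box.
    printf '%s\n' 'php56 5.6.11' 'php55 5.5.28_1' 'php5 5.4.43' | report
fi
```

A version at or above the fixed release for its branch is reported as fixed; a 7.x version is reported as unknown because this advisory does not cover it, so treat that as "check a different advisory", not as safe.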

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 85484

CVE ID: CVE-2015-6831
CVE-2015-6832
CVE-2015-6833
