SUSE SLES11 Security Update : php53 (SUSE-SU-2016:1145-1)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote SUSE host is missing one or more security updates.

Description :

This update for php53 fixes the following issues :

- CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM
(bnc#973792).

- CVE-2015-8835: SoapClient s_call method suffered from a
type confusion issue that could have lead to crashes
[bsc#973351]

- CVE-2016-2554: A NULL pointer dereference in
phar_get_fp_offset could lead to crashes. [bsc#968284]
Note: we do not ship the phar extension currently, so we
are not affected.

- CVE-2015-7803: A Stack overflow vulnerability when
decompressing tar phar archives could potentially lead
to code execution. [bsc#949961] Note: we do not ship the
phar extension currently, so we are not affected.

- CVE-2016-3141: A use-after-free / double-free in the
WDDX deserialization could lead to crashes or potential
code execution. [bsc#969821]

- CVE-2016-3142: An Out-of-bounds read in
phar_parse_zipfile() could lead to crashes. [bsc#971912]
Note: we do not ship the phar extension currently, so we
are not affected.

- CVE-2014-9767: A directory traversal when extracting zip
files was fixed that could lead to overwritten files.
[bsc#971612]

- CVE-2016-3185: A type confusion vulnerability in
make_http_soap_request() could lead to crashes or
potentially code execution. [bsc#971611]

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.suse.com/949961
https://bugzilla.suse.com/968284
https://bugzilla.suse.com/969821
https://bugzilla.suse.com/971611
https://bugzilla.suse.com/971612
https://bugzilla.suse.com/971912
https://bugzilla.suse.com/973351
https://bugzilla.suse.com/973792
https://www.suse.com/security/cve/CVE-2014-9767.html
https://www.suse.com/security/cve/CVE-2015-7803.html
https://www.suse.com/security/cve/CVE-2015-8835.html
https://www.suse.com/security/cve/CVE-2015-8838.html
https://www.suse.com/security/cve/CVE-2016-2554.html
https://www.suse.com/security/cve/CVE-2016-3141.html
https://www.suse.com/security/cve/CVE-2016-3142.html
https://www.suse.com/security/cve/CVE-2016-3185.html
http://www.nessus.org/u?69be1bb7

Solution :

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Software Development Kit 11-SP4 :

zypper in -t patch sdksp4-php53-12527=1

SUSE Linux Enterprise Server 11-SP4 :

zypper in -t patch slessp4-php53-12527=1

SUSE Linux Enterprise Debuginfo 11-SP4 :

zypper in -t patch dbgsp4-php53-12527=1

To bring your system up-to-date, use 'zypper patch'.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 90757 ()

Bugtraq ID:

CVE ID: CVE-2014-9767
CVE-2015-7803
CVE-2015-8835
CVE-2015-8838
CVE-2016-2554
CVE-2016-3141
CVE-2016-3142
CVE-2016-3185

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now