Detections
Analytics
MiracleLinux 4 : php-5.3.3-27.AXS4.1 (AXSA:2014-484:02)
high Nessus Plugin ID 289053
Synopsis
The remote MiracleLinux host is missing one or more security updates.Description
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-484:02 advisory.Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.
The php package contains the module which adds support for the PHP language to Apache HTTP Server.
Security issues fixed with this release:
CVE-2012-1571 file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.
CVE-2013-6712 The scan function in ext/date/lib/parse_iso_intervals.c in PHP through 5.5.6 does not properly restrict creation of DateInterval objects, which might allow remote attackers to cause a denial of service (heap- based buffer over-read) via a crafted interval specification.
CVE-2014-0237 The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.
CVE-2014-0238 The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.
CVE-2014-1943 Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file.
CVE-2014-2270 softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.
CVE-2014-3479 The cdf_check_stream_offset function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, relies on incorrect sector-size data, which allows remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file.
CVE-2014-3480 The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, does not properly validate sector-count data, which allows remote attackers to cause a denial of service (application crash) via a crafted CDF file.
CVE-2014-3515 The SPL component in PHP before 5.4.30 and 5.5.x before 5.5.14 incorrectly anticipates that certain data structures will have the array data type after unserialization, which allows remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to type confusion issues in (1) ArrayObject and (2) SPLObjectStorage.
CVE-2014-4049 Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function.
CVE-2014-4721 The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a type confusion vulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php.
Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected packages.See Also
Plugin Details
Severity: High
ID: 289053
File Name: miracle_linux_AXSA-2014-484.nasl
Version: 1.1
Type: local
Published: 1/16/2026
Updated: 1/16/2026
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.0
Vendor
Vendor Severity: Moderate
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.9
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2014-3515
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2014-0238
Vulnerability Information
CPE: p-cpe:/a:miracle:linux:php-common, p-cpe:/a:miracle:linux:php-xmlrpc, p-cpe:/a:miracle:linux:php-mysql, p-cpe:/a:miracle:linux:php, p-cpe:/a:miracle:linux:php-odbc, p-cpe:/a:miracle:linux:php-mbstring, p-cpe:/a:miracle:linux:php-ldap, p-cpe:/a:miracle:linux:php-pdo, cpe:/o:miracle:linux:4, p-cpe:/a:miracle:linux:php-pgsql, p-cpe:/a:miracle:linux:php-soap, p-cpe:/a:miracle:linux:php-cli, p-cpe:/a:miracle:linux:php-gd, p-cpe:/a:miracle:linux:php-bcmath, p-cpe:/a:miracle:linux:php-xml
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 8/11/2014
Vulnerability Publication Date: 8/25/2011
Reference Information
CVE: CVE-2012-1571, CVE-2013-6712, CVE-2014-0237, CVE-2014-0238, CVE-2014-1943, CVE-2014-2270, CVE-2014-3479, CVE-2014-3480, CVE-2014-3515, CVE-2014-4049, CVE-2014-4721
IAVB: 2014-B-0135-S